Report - a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=95&affiliateID=75077&source=10246e19ce6cb4b544e90a64f5820b&subID2=55609&target=&Site=&Bnr=ALGO&cid=wrnkt6u0trc395gmi28i68ek&affsource=95&source=55609

Report Overview

Submitted URL
a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=95&affiliateID=75077&source=10246e19ce6cb4b544e90a64f5820b&subID2=55609&target=&Site=&Bnr=ALGO&cid=wrnkt6u0trc395gmi28i68ek&affsource=95&source=55609_95
IP
18.192.108.151
ASN
#16509 AMAZON-02
Submitted
2023-02-08 21:21:39
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.4 kB	8.9 kB	23.36.76.226
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.186.165.49
ocsp.r2m02.amazontrust.com	unknown	2022-10-12T16:01:39Z	2023-03-13T08:10:58Z	350 B	944 B	54.230.80.227
a.vfgtc.com	unknown	2019-09-27T14:31:23Z	2023-03-13T05:42:00Z	1.2 kB	1.9 kB	18.192.108.151
a.vfgtf.com	unknown	2020-02-06T08:47:32Z	2023-03-13T06:26:49Z	781 B	993 B	18.192.108.151
tracking.t0r4.com	unknown	2022-05-18T22:26:48Z	2023-03-13T06:42:41Z	565 B	994 B	172.67.190.127
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	1.5 kB	69 kB	142.250.74.99
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
s.sloffer1.com	unknown	2022-03-23T08:52:34Z	2023-03-13T05:42:13Z	2.2 kB	4.4 kB	3.218.135.42
zzotrack.com	470411	2021-01-12T07:31:38Z	2023-03-13T06:42:54Z	573 B	870 B	18.184.38.55
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	54 kB	34.120.237.76
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.4 kB	4.9 kB	142.250.74.163
v2.trckguardlnk.com	unknown	2022-09-26T22:46:28Z	2023-03-13T08:16:22Z	1.1 kB	604 B	35.156.69.71
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	409 B	1.3 kB	142.250.74.163
apis.google.com	105	2013-05-06T22:20:21Z	2023-03-13T05:09:32Z	793 B	39 kB	172.217.21.174

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-08 21:22:25	medium	Client IP	Internal IP	ET INFO DNS Query for Suspicious .icu Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 02:12:58 Times Seen37108903 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.3R2S2iMRC9o.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-ukmJKpOYaCGRb909wNTowBRXFA/cb=gapi.loaded_0	113 kB	2023-03-13	2023-10-28
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.3R2S2iMRC9o.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-ukmJKpOYaCGRb909wNTowBRXFA/cb=gapi.loaded_0 IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:20:33 Last Seen2023-10-28 21:52:45 Times Seen3 Hash 77cc675a0c3fc8a996aedfe12b01edfa 5f95b29dd05a60095fd9b25f12c717c046a00eee 00501daa7120b25bc7e42e6c80fa4d4ecf22fd605884e124f48346ca91481283 Loading...

	www.google.com/	29 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:54:34 Last Seen2023-03-13 20:01:34 Times Seen1 Hash 9aae84c8af13c3479c4d672d58865737 1e7bffb0fa4dc0f10f7b849358d10c0ac94a2262 7cabcb7ff144494e8c67eff1e764439a9d7313c0cd19341220a2703f294b192e Loading...

	www.google.com/	21 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:54:52 Last Seen2023-03-13 19:54:52 Times Seen1 Hash 3980afa95cbd35588450977f2717ef5c f9a8f8a83500bb73c4cb5059479f3bd8c86eefa6 2164428be4a419da4b791f7320906a73dcca1fcad4ce4e008c31151a089d7c96 Loading...

	www.google.com/	3.5 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:54:52 Last Seen2023-03-13 19:54:52 Times Seen1 Hash 11c9ba5ef18597cdd8bbeecd20597146 e95cf718901bb3237e81cb25956b524c34b0151b 520f9de2696de947ba032aaaecc8ced92466150955c4be00f2ebb319293cf6df Loading...

	www.google.com/	108 B	2023-03-13	2023-03-13
Pretty URL www.google.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:54:51 Last Seen2023-03-13 19:54:52 Times Seen1 Hash 6c72b6fb8a6830c751f676c4710ba374 a42f9e11bf2b3ffa85837622e99c31beba94db5a 09489b09bbde33bf221ff5a9e11ddde410d08472db20ac688a10d7179cadb439 Loading...

	v2.trckguardlnk.com/click?a=558&sub_id1=wf67qq02v43mn5gm23k1dsm0&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=1206	69 B	2023-03-08	2023-04-05
Pretty URL v2.trckguardlnk.com/click?a=558&sub_id1=wf67qq02v43mn5gm23k1dsm0&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=1206 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:33 Last Seen2023-04-05 01:56:59 Times Seen27 Hash 3b0ef641e9169a1ef777a950a6f4fb5b cfef63c9b78529700b2389f9eb873895a98510fc 297887fb8fd7e52b0e04443f84127f1286e02f07d6aec9ba6df0204f128615a5 Loading...

	www.google.com/	44 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:54:52 Last Seen2023-03-13 19:54:52 Times Seen1 Hash 289ed7a4cee4ca615396768a5c2e9bc9 a631217e55e3937d9b250d41b912d0436f64a652 855b5589290450c711f34d4a77b0471950a3449e014e7b540d630622a56668bd Loading...

	www.google.com/	6.3 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:08:52 Last Seen2023-03-13 23:41:31 Times Seen1 Hash ca21c94ada65d9e3c80a5d6d7ca7a27b 9e30beb37158f4158275fbb10189caaad26480ee ae43d1705d856eeefe21f973a0b4029538486945c9b45bb223d8d94705ff9b72 Loading...

HTTP Transactions (43)

	URL	IP	Response	Size
	a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=95&affiliateID=75077&source=10246e19ce6cb4b544e90a64f5820b&subID2=55609&target=&Site=&Bnr=ALGO&cid=wrnkt6u0trc395gmi28i68ek&affsource=95&source=55609_95	18.192.108.151	302	0 B
URL HTTP/1.1 a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=95&affiliateID=75077&source=10246e19ce6cb4b544e90a64f5820b&subID2=55609&target=&Site=&Bnr=ALGO&cid=wrnkt6u0trc395gmi28i68ek&affsource=95&source=55609_95 IP 18.192.108.151:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=95&affiliateID=75077&source=10246e19ce6cb4b544e90a64f5820b&subID2=55609&target=&Site=&Bnr=ALGO&cid=wrnkt6u0trc395gmi28i68ek&affsource=95&source=55609_95 HTTP/1.1 Host: a.vfgtc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1 HTTP/1.1 302 Server: nginx Date: Wed, 08 Feb 2023 21:21:28 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 Expires: Thu, 01 Jan 1970 00:00:00 GMT Location: https://s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=95&aff_sub2=55609&aff_sub3=wqnflo3v74khb5gm2lipl57q&aff_click_id=10246e19ce6cb4b544e90a64f5820b&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_95 Pragma: no-cache Set-Cookie: cb5cb9a8-26a4-42ae-946b-aae4b3e52909-v4=6md86VNZwDE95CUhuaTtXIEQrvxu073AxRqbXc9VPoA; Max-Age=86400; Expires=Thu, 09-Feb-2023 21:21:28 GMT; Domain=a.vfgtc.com; Path=/; HttpOnly cc-v4=u56gosIewdd6hbfHjUvzso913z5Tuerl2pGCBFfbaJEor7O5bw3abxrXG5%2BDtpRfHAiFXl%2FTaeB7QCWTlE8tTOHoo0QhnKaQnxv7aMpWa2eHT9zC2panuVJVHNW9bibF3V3MtVA8PYaLeevaLSs8Kw%3D%3D; Max-Age=31536000; Expires=Thu, 08-Feb-2024 21:21:28 GMT; Domain=a.vfgtc.com; Path=/; HttpOnly

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dca68db7aea32f6683ce8d542c078f04 19c495238df74fca680e21f18627ff94de5dd2e5 35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3935 Expires: Wed, 08 Feb 2023 22:27:03 GMT Date: Wed, 08 Feb 2023 21:21:28 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a cfdba5bc597130461dd67bf6cda53183be592493 60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D" Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3317 Expires: Wed, 08 Feb 2023 22:16:45 GMT Date: Wed, 08 Feb 2023 21:21:28 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bf0c602d32b3c14606f22a86183b5e3c 6eabd8d83475eba731968abe1a05a8bfd272f160 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 08 Feb 2023 20:34:13 GMT content-type: application/json age: 2835 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash cc14b0d2f7c451f6431dc87ba54d1d60 bab8bfda6fa3e2f17125353f5147211787dc25d0 b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD" Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9371 Expires: Wed, 08 Feb 2023 23:57:39 GMT Date: Wed, 08 Feb 2023 21:21:28 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e76071a28ee566dababb3834f46d68ed aebb4e68c1ba2de0f90025283e8ed8470944fde0 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: F4HR18WHqwAwvBoCBF1IjBfS6jFIMXt0VwQRImAowIr5VqLjNUGD7hUL/GTCB8LeGaoKR09zc+8= x-amz-request-id: 5WRYAPPM7NWFQHWH content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 08 Feb 2023 20:46:06 GMT age: 2122 last-modified: Sun, 29 Jan 2023 18:44:47 GMT etag: "e76071a28ee566dababb3834f46d68ed" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Wed, 08 Feb 2023 21:21:28 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d1ca231d678a0da7877dbdf884d9edc7 c81b7221e6e22ccb73a75a19d31b807963db6a9d 1e07ec2703ca0e2581c883616792698c849ff56ff4946e643a4ce8bc1ca77dc9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "1E07EC2703CA0E2581C883616792698C849FF56FF4946E643A4CE8BC1CA77DC9" Last-Modified: Mon, 06 Feb 2023 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15746 Expires: Thu, 09 Feb 2023 01:43:54 GMT Date: Wed, 08 Feb 2023 21:21:28 GMT Connection: keep-alive`

	s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=95&aff_sub2=55609&aff_sub3=wqnflo3v74khb5gm2lipl57q&aff_click_id=10246e19ce6cb4b544e90a64f5820b&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_95	3.218.135.42	303 See Other	888 B
URL HTTP/2 s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=95&aff_sub2=55609&aff_sub3=wqnflo3v74khb5gm2lipl57q&aff_click_id=10246e19ce6cb4b544e90a64f5820b&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_95 IP 3.218.135.42:0 ASN #14618 AMAZON-AES File type HTML document, ASCII text, with very long lines (888), with no line terminators Size 888 B (888 bytes) Hash eecbd18d0682b5eb23f883d1e41712e3 72c00a8c21a25e25aa4d45d87171d3b7ee85bd37 a40ca0da8c282c36792da0260bb9ef324b6ec56f186d4ed5cb215c7b415d7310 HTTP Headers GET /75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=95&aff_sub2=55609&aff_sub3=wqnflo3v74khb5gm2lipl57q&aff_click_id=10246e19ce6cb4b544e90a64f5820b&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_95 HTTP/1.1 Host: s.sloffer1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 303 See Other server: nginx/1.19.0 date: Wed, 08 Feb 2023 21:21:29 GMT content-type: text/html; charset=utf-8 content-length: 888 location: https://a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=95%3B55609_95&affiliateID=44542&source=1020bafa31838594c6fc0427a3316c&subID2=75077&s2=1020bafa31838594c6fc0427a3316c&s3=95%3B55609_95&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=95&affsource=95&aff_click_id=1020bafa31838594c6fc0427a3316c&affsource=55609_95&bo=2753%2C2754%2C2755%2C2756 set-cookie: aff_ran_url_3785=26412; Path=/; Expires=Thu, 09 Feb 2023 21:21:29 GMT; Secure enc_aff_session_3785=ENC03033b474110936000cedccc0ee1725caf7885e5b1a5fe90fecb3237aff362bff44c171d3e18150a0cc17d7140f86d4218472323d1946d2b02a4fe5880ca7e1b6fe6d2c85506157504630b7cea459220594e989013237b54abe80a3eeaf3b1bb860eede1414121c73ae97c34371e36ca2a69e76cf4579e633f0d43b41bb9a322e6273d10449f378c1e4cbd746f45ad94be9052d980da62c537f0ab942062694b14b5a5a8f63b82d1cc275431035d5c41a128a116843ab87779b2b88b6d22325503020d2a8d; Path=/; Expires=Fri, 07 Feb 2025 21:21:29 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Sat, 03 Jan 2026 08:01:29 GMT; Secure tracking_id: 1020bafa31838594c6fc0427a3316c vary: Accept strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 08 Feb 2023 20:51:20 GMT age: 1809 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=95%3B55609_95&affiliateID=44542&source=1020bafa31838594c6fc0427a3316c&subID2=75077&s2=1020bafa31838594c6fc0427a3316c&s3=95%3B55609_95&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=95&affsource=95&aff_click_id=1020bafa31838594c6fc0427a3316c&affsource=55609_95&bo=2753%2C2754%2C2755%2C2756	18.192.108.151	302 Found	0 B
URL HTTP/2 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=95%3B55609_95&affiliateID=44542&source=1020bafa31838594c6fc0427a3316c&subID2=75077&s2=1020bafa31838594c6fc0427a3316c&s3=95%3B55609_95&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=95&affsource=95&aff_click_id=1020bafa31838594c6fc0427a3316c&affsource=55609_95&bo=2753%2C2754%2C2755%2C2756 IP 18.192.108.151:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /ab267e05-23a0-430a-bac4-772f7f629740?subID1=95%3B55609_95&affiliateID=44542&source=1020bafa31838594c6fc0427a3316c&subID2=75077&s2=1020bafa31838594c6fc0427a3316c&s3=95%3B55609_95&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=95&affsource=95&aff_click_id=1020bafa31838594c6fc0427a3316c&affsource=55609_95&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1 Host: a.vfgtf.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: nginx date: Wed, 08 Feb 2023 21:21:29 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=95%3B55609_95&affiliateID=170910&source=1020bafa31838594c6fc0427a3316c&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=wo1ctcj6m8u8g5gm2mu0k116&affsource=95&source=75077_95 pragma: no-cache set-cookie: ab267e05-23a0-430a-bac4-772f7f629740-v4=0S-fxGppB9WfI9uPIjeYIHJaJqELb6x7-bVkjxBWw-k; Max-Age=86400; Expires=Thu, 09-Feb-2023 21:21:29 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=xumS90ce1s2dSlBqM%2FQMzday%2F6ydlhAJ74zsKwCx3VPrfMFP6%2B8M6EIf06w1CGnHaOjzgo2ZiBE%2FHv2omZcWdB8OczidBnJr0o049aW%2FCBTPRkH95JiKUSfNlZXImWqE81lmebzPa5omF2d0otby8g%3D%3D; Max-Age=31536000; Expires=Thu, 08-Feb-2024 21:21:29 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 9b88bae61bca33aba8aa99f6128db8d9 a07b61fb2458917699613fcae68710941b595416 54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA" Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2779 Expires: Wed, 08 Feb 2023 22:07:48 GMT Date: Wed, 08 Feb 2023 21:21:29 GMT Connection: keep-alive`

	a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=95%3B55609_95&affiliateID=170910&source=1020bafa31838594c6fc0427a3316c&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=wo1ctcj6m8u8g5gm2mu0k116&affsource=95&source=75077_95	18.192.108.151	302 Found	0 B
URL HTTP/2 a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=95%3B55609_95&affiliateID=170910&source=1020bafa31838594c6fc0427a3316c&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=wo1ctcj6m8u8g5gm2mu0k116&affsource=95&source=75077_95 IP 18.192.108.151:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=95%3B55609_95&affiliateID=170910&source=1020bafa31838594c6fc0427a3316c&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=wo1ctcj6m8u8g5gm2mu0k116&affsource=95&source=75077_95 HTTP/1.1 Host: a.vfgtc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: nginx date: Wed, 08 Feb 2023 21:21:29 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=95%3B55609_95&aff_sub2=75077&aff_sub3=wrof6p4q7qdjq5gmis347g7e&aff_click_id=1020bafa31838594c6fc0427a3316c&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_95&source=75077_95 pragma: no-cache set-cookie: 2d2fb929-79a5-4a1c-840d-3f370da182b6-v4=qzQBhbeSxX-KISNWw7c3YR1bhtbNQcd2HFt53SEn5gA; Max-Age=86400; Expires=Thu, 09-Feb-2023 21:21:29 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=r1GRA9v6lyiwPrrpZ%2BVm9xsgbEJeJuDLrHe5w7DyS%2FD33hLkxe2NkpHRMOtTvZb%2BqIsOT03pmchAJZkpZE8HXx%2Fw%2B7lgYxYdmoleLgNlXwMmToHPtB0QAL998ZAKJz48vG1JN6c2tgiWAiXM%2F%2Fxepg%3D%3D; Max-Age=31536000; Expires=Thu, 08-Feb-2024 21:21:29 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=95%3B55609_95&aff_sub2=75077&aff_sub3=wrof6p4q7qdjq5gmis347g7e&aff_click_id=1020bafa31838594c6fc0427a3316c&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_95&source=75077_95	3.218.135.42	303 See Other	376 B
URL HTTP/2 s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=95%3B55609_95&aff_sub2=75077&aff_sub3=wrof6p4q7qdjq5gmis347g7e&aff_click_id=1020bafa31838594c6fc0427a3316c&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_95&source=75077_95 IP 3.218.135.42:0 ASN #14618 AMAZON-AES File type HTML document, ASCII text, with very long lines (376), with no line terminators Size 376 B (376 bytes) Hash 62445798b8486a73f8522a0ca1d5059a 1e88b71adfe9914b6c7cfc2ecbeb639af7ab940b 6108e097b11d30ebd52135af084ff7aba7b8190de0044df23a1209186b478c12 HTTP Headers GET /170910/8373/0/?aff_sub4=_bucket&aff_sub=95%3B55609_95&aff_sub2=75077&aff_sub3=wrof6p4q7qdjq5gmis347g7e&aff_click_id=1020bafa31838594c6fc0427a3316c&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_95&source=75077_95 HTTP/1.1 Host: s.sloffer1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: aff_ran_url_3785=26412; enc_aff_session_3785=ENC03033b474110936000cedccc0ee1725caf7885e5b1a5fe90fecb3237aff362bff44c171d3e18150a0cc17d7140f86d4218472323d1946d2b02a4fe5880ca7e1b6fe6d2c85506157504630b7cea459220594e989013237b54abe80a3eeaf3b1bb860eede1414121c73ae97c34371e36ca2a69e76cf4579e633f0d43b41bb9a322e6273d10449f378c1e4cbd746f45ad94be9052d980da62c537f0ab942062694b14b5a5a8f63b82d1cc275431035d5c41a128a116843ab87779b2b88b6d22325503020d2a8d; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers HTTP/2 303 See Other server: nginx/1.19.0 date: Wed, 08 Feb 2023 21:21:29 GMT content-type: text/html; charset=utf-8 content-length: 376 location: https://tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_95&sub3=10230303cf3544dff62570111d134b&bo=2753%2C2754%2C2755%2C2756 set-cookie: enc_aff_session_8373=ENC03ea9c01796eb1e67d4682b28699fed9b96198a84c1d2d3f0af0e71a0184f68f21960fc1d61c6bfb5bdc5e62afd6e8413103e62ba8f59417007ee8a0883a2c7a61978cab9f3d1752ea25d9edc8d9b0aea16ade992f818cc84adca33f75e57c1bfbc91cfabbee33f5a932996a1df85ddb6be227a07261ba4169dcf85ff3e1e8a3e21d77c98af581ccd16f670784429260a5c574cb19145781a9d0c8d1e32d7717d7a4c35ad2fd5f904bc8c042d4ee3af8a56833f1ee45ee0c1985d660e67c4fe04c053abce6; Path=/; Expires=Fri, 07 Feb 2025 21:21:29 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Sat, 03 Jan 2026 08:01:29 GMT; Secure tracking_id: 10230303cf3544dff62570111d134b vary: Accept strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	ocsp.pki.goog/s/gts1p5/3HtowcmIRnI	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/3HtowcmIRnI IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash d98d40804076385e328d2a632c19e9d3 7ae009b98f631670a858b51d0474fa9ad5663fce c7b8357e77f0dfa6591e024b329504ff5edb1ecbd6a321fbbbe0d334434a4a86 HTTP Headers `POST /s/gts1p5/3HtowcmIRnI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 08 Feb 2023 21:21:29 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	push.services.mozilla.com/	54.186.165.49	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.186.165.49:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: u6rbDUWzSgs3ZxbJ8qNV2w== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: LTsYcr3Gdi4HOFCDAE6AxJIFDKA=`

	tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_95&sub3=10230303cf3544dff62570111d134b&bo=2753%2C2754%2C2755%2C2756	172.67.190.127	302 Found	0 B
URL HTTP/2 tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_95&sub3=10230303cf3544dff62570111d134b&bo=2753%2C2754%2C2755%2C2756 IP 172.67.190.127:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /click?pid=781&offer_id=1085&sub1=170910&sub2=75077_95&sub3=10230303cf3544dff62570111d134b&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1 Host: tracking.t0r4.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found date: Wed, 08 Feb 2023 21:21:29 GMT content-length: 0 location: https://zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_95&campaign=&sum=&clickid=63e412591c3a1300019d9f88 x-adjust-use-original-forwarded-for: 1 set-cookie: afclick=63e412591c3a1300019d9f88; expires=Thu, 08 Feb 2024 21:21:29 GMT; secure; SameSite=None afoffers={"1085":1675891289}; expires=Thu, 08 Feb 2024 21:21:29 GMT; secure; SameSite=None access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yb6v2hi3It8Buds6rqQig%2F84TvqF0W2d5VUDfHaxSPpzaAdryf8blEFmdyUo7%2FkHbks%2B%2B3Wu33shLT6%2FoTlJIJ0ciDTzsCVd1XaI91OS2IYDEYSSfjHXwVuGxlcDKPtdzyn54Q%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 79676a500bb5b4f4-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/s/gts1p5/3HtowcmIRnI	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/3HtowcmIRnI IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash d98d40804076385e328d2a632c19e9d3 7ae009b98f631670a858b51d0474fa9ad5663fce c7b8357e77f0dfa6591e024b329504ff5edb1ecbd6a321fbbbe0d334434a4a86 HTTP Headers `POST /s/gts1p5/3HtowcmIRnI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 08 Feb 2023 21:21:29 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_95&campaign=&sum=&clickid=63e412591c3a1300019d9f88	18.184.38.55	302 Found	0 B
URL HTTP/2 zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_95&campaign=&sum=&clickid=63e412591c3a1300019d9f88 IP 18.184.38.55:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_95&campaign=&sum=&clickid=63e412591c3a1300019d9f88 HTTP/1.1 Host: zzotrack.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: nginx date: Wed, 08 Feb 2023 21:21:29 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=wf67qq02v43mn5gm23k1dsm0&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781 pragma: no-cache set-cookie: 381f1b1b-7ced-4eef-857b-418b4c176094-v4=MjLgRp8DyCDkZp-zUQbNTZixw0rp_JSn0NxpONdMLMI; Max-Age=86400; Expires=Thu, 09-Feb-2023 21:21:29 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=F%2BkTYmGGTDfOQJtGKDGJ0sbm86Tn8G0gaXz3oQkO%2BVvcg7dgUwR1SwGZ5JJrswORt7L2YddwFEzq8lORhVEieGD0GJKzPtxP07%2BBe3YsrfIiZMfkOGwr7zGRZEwInFIoyLYCCtfSjg9U%2FxoqXMPzhw%3D%3D; Max-Age=31536000; Expires=Thu, 08-Feb-2024 21:21:29 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 06f5ec897246fe730624e698b8819abb 7b7d454a4a3f122ba02ea26514241063ebb731c9 2a0bea5d9ec45d588046e7a8f375828beaff035da677cf252d30d81a580d273e HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Wed, 08 Feb 2023 21:21:30 GMT Last-Modified: Wed, 08 Feb 2023 20:53:11 GMT Server: ECS (bsa/EB1B) X-Cache: Miss from cloudfront Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: kOAVfZFVsHDuKc2a29_bwn79crQ27rDJrycWCiZMVMY49SXM93IOew== Age: 1699`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 44fc0cb48c26edb9ce36736707b9182a 62de7faa3e8171c0d38a2e03a604d2545a3ede7f 9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 08 Feb 2023 21:21:30 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 68273225f74fbf7493f395610d7a73fc 5a8779ef5656aeeba23b365aad60b7901c5dd7fc c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5858 Expires: Wed, 08 Feb 2023 22:59:08 GMT Date: Wed, 08 Feb 2023 21:21:30 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 68273225f74fbf7493f395610d7a73fc 5a8779ef5656aeeba23b365aad60b7901c5dd7fc c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5858 Expires: Wed, 08 Feb 2023 22:59:08 GMT Date: Wed, 08 Feb 2023 21:21:30 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 68273225f74fbf7493f395610d7a73fc 5a8779ef5656aeeba23b365aad60b7901c5dd7fc c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5858 Expires: Wed, 08 Feb 2023 22:59:08 GMT Date: Wed, 08 Feb 2023 21:21:30 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 68273225f74fbf7493f395610d7a73fc 5a8779ef5656aeeba23b365aad60b7901c5dd7fc c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5858 Expires: Wed, 08 Feb 2023 22:59:08 GMT Date: Wed, 08 Feb 2023 21:21:30 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 68273225f74fbf7493f395610d7a73fc 5a8779ef5656aeeba23b365aad60b7901c5dd7fc c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5858 Expires: Wed, 08 Feb 2023 22:59:08 GMT Date: Wed, 08 Feb 2023 21:21:30 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg	34.120.237.76	200 OK	8.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.6 kB (8644 bytes) Hash 726928e5de19ef978faebbe933c34008 bdaba3ed0c7efb65de88af96063d830683c8499b c6d208fcee052da80de1bf2dcccbbc48853511b8888c4777799ee676abba51b5 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8644 x-amzn-requestid: d6d71f42-f887-4ad0-a2b7-9073d3857b03 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f_OjRHBFoAMF4_Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e2c47b-57490f255d8d30a561fdcd3a;Sampled=0 x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: xU_uVO78ZQRKon3Cz-fVcHJuPEMMgzDsVuY8BXoKL6ntJwkl-SLeQA== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google date: Tue, 07 Feb 2023 21:42:03 GMT age: 85167 etag: "bdaba3ed0c7efb65de88af96063d830683c8499b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg	34.120.237.76	200 OK	5.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.0 kB (4961 bytes) Hash 544181f4aba24fc687a14522dd20f720 2b117270563b8c466ec774acce55271c38f6135b 607c45cc5b4726b92c8507988bbb90ac6a44a3cf22b290030d440266350099a1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4961 x-amzn-requestid: c3b9db99-726f-4473-a6b6-9cff0dceb949 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fswe1GeRoAMFiAA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63db612b-17b52fcd74e374f1104af709;Sampled=0 x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: dSxTM3mmYK8cLOy5_x4o-lew1goEgwT4fBHi0pM-HSK_qBC6rDAlzg== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google date: Wed, 08 Feb 2023 15:13:11 GMT age: 22099 etag: "2b117270563b8c466ec774acce55271c38f6135b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10202 bytes) Hash f175de8eebe398f5de2829cd551b3f04 e6da63e9b03289bfded190d999a20da78232437c b5d1ee4bd6186cbac1e4ac037766c9e453e166b0cfb2e08004cb11b8bb7daa88 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10202 x-amzn-requestid: 15e6c7ee-acef-4638-9a15-a01864ac74f6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f_PEYFZOoAMFzEA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e2c54f-3681217a71e5b9472b9cdb8a;Sampled=0 x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:31 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: PyOVGtKFSYIU2don5C7_L_pTUxdP_VEAhLZUhtBWo2PZ4kvPqaTg9g== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Tue, 07 Feb 2023 22:13:47 GMT etag: "e6da63e9b03289bfded190d999a20da78232437c" content-type: image/jpeg age: 83263 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg	34.120.237.76	200 OK	6.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.8 kB (6838 bytes) Hash 4b327816bc2c6fd7291c75c693685d54 771070be61d0724b1c90ca86ea34c804bd7e501a d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6838 x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f_O7QEsCoAMFY1w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0 x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: mgfr5wO7Bj5BVjKYY7O0c4ogLognfq09QrA9khZROr2CVyOWgKTz1g== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google date: Tue, 07 Feb 2023 21:53:56 GMT age: 84454 etag: "771070be61d0724b1c90ca86ea34c804bd7e501a" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg	34.120.237.76	200 OK	6.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.8 kB (6805 bytes) Hash c8f31c82179856e39ee5fc43d7f0b685 5b37f807a19ffc80c0b9334e6d24d5bb717496ce c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6805 x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f_PHwEn4IAMFvFg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0 x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g== via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google date: Tue, 07 Feb 2023 22:19:17 GMT age: 82933 etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10058 bytes) Hash a9c2a9eee923b84d4e06438a8b2acaff 520b122e3ce52220af153fee26bb7067283f9075 9ff4236fdcd05210a9c8bb48ea68179e142b1b05c8b19dd66282590dff69fa22 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10058 x-amzn-requestid: 94374454-1e89-4c43-895b-0a90f39b851d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f_O5vEgcoAMFctg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e2c50a-0bf11cad4b0818c36188ba91;Sampled=0 x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:22 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 1R4SRNvqhRHbrDZsGB06NJbBXf8WRgJEHmXTbop8pqf8etTJSlmQwQ== via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google date: Tue, 07 Feb 2023 22:06:05 GMT age: 83725 etag: "520b122e3ce52220af153fee26bb7067283f9075" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	v2.trckguardlnk.com/favicon.ico	35.156.69.71	404 Not Found	0 B
URL HTTP/2 v2.trckguardlnk.com/favicon.ico IP 35.156.69.71:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /favicon.ico HTTP/1.1 Host: v2.trckguardlnk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique; U-13111c20aee51aeb480ecbd988cd8cc9=unique; U-144a3f71a03ab7c4f46f9656608efdb2=unique; o_144a3f71a03ab7c4f46f9656608efdb2=4575c53e-63e6-4ea7-a30f-8de4e63b8ccf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 404 Not Found server: awselb/2.0 date: Wed, 08 Feb 2023 21:21:30 GMT content-type: text/plain; charset=utf-8 content-length: 0 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 986afab4bad851da3c4a2b8db670c876 c58b7142ce3bebda918b77649973715dbd71b4d2 24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 08 Feb 2023 21:21:31 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/i/productlogos/googleg/v6/24px.svg	142.250.74.163	200 OK	438 B
URL HTTP/2 fonts.gstatic.com/s/i/productlogos/googleg/v6/24px.svg IP 142.250.74.163:0 ASN #15169 GOOGLE File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (742), with no line terminators Size 438 B (438 bytes) Hash 55034acc07f2e9996714f3a26001a021 466900a397cef93422a85bd415fa47101e1f6832 d7e3613dad665c5681aa7d2896f9f840e117b0275db09e16070ed6e06fb5ea0c HTTP Headers `GET /s/i/productlogos/googleg/v6/24px.svg HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-length: 438 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 05 Feb 2023 11:54:27 GMT expires: Mon, 05 Feb 2024 11:54:27 GMT cache-control: public, max-age=31536000 last-modified: Wed, 20 Apr 2022 17:17:30 GMT content-type: image/svg+xml age: 293224 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.gstatic.com/inputtools/images/tia.png	142.250.74.99	200 OK	151 B
URL HTTP/2 www.gstatic.com/inputtools/images/tia.png IP 142.250.74.99:0 ASN #15169 GOOGLE File type PNG image data, 19 x 11, 8-bit/color RGBA, non-interlaced\012- data Size 151 B (151 bytes) Hash 0667c2bf932c77b80ef533c5dc1bd7ff 18015c76d9b6861d576841652e6963dad26a3e35 4ebecfbb2c9cff1741b805876370db38d862a037f652d6f647ce51995e03df2c HTTP Headers `GET /inputtools/images/tia.png HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Origin content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/inputtools cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="inputtools" report-to: {"group":"inputtools","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/inputtools"}]} content-length: 151 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 06 Feb 2023 13:23:19 GMT expires: Tue, 06 Feb 2024 13:23:19 GMT cache-control: public, max-age=31536000 age: 201492 last-modified: Tue, 03 Mar 2020 20:15:00 GMT content-type: image/png alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 986afab4bad851da3c4a2b8db670c876 c58b7142ce3bebda918b77649973715dbd71b4d2 24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 08 Feb 2023 21:21:31 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.gstatic.com/og/_/js/k=og.qtm.en_US.MoL8sT-0rSY.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTsdgFLrSEOm80cF2eQYtQLBwcmzcQ	142.250.74.99	200 OK	66 kB
URL HTTP/2 www.gstatic.com/og/_/js/k=og.qtm.en_US.MoL8sT-0rSY.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTsdgFLrSEOm80cF2eQYtQLBwcmzcQ IP 142.250.74.99:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (2130) Size 66 kB (65826 bytes) Hash 01a1c7d185ff7692e3a99d85139c3eb9 e3ba9359d3e283d99070ade1d0e4efcceb00a82f 6d773d3d09b85d38d8e5f0f24aa3efe263c15c89d2c442e935bc0c9fd578e79a HTTP Headers GET /og/_/js/k=og.qtm.en_US.MoL8sT-0rSY.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTsdgFLrSEOm80cF2eQYtQLBwcmzcQ HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding, Origin content-encoding: gzip content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="one-google-eng" report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]} content-length: 65826 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 07 Feb 2023 13:01:27 GMT expires: Wed, 07 Feb 2024 13:01:27 GMT cache-control: public, max-age=31536000 last-modified: Sat, 04 Feb 2023 02:39:27 GMT content-type: text/javascript; charset=UTF-8 age: 116404 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.gstatic.com/og/_/ss/k=og.qtm.8upPEZYXXGk.L.F4.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/ct=zgms/rs=AA2YrTvwx4oCBFmOAdX2ZmgNoxiOC9nmyQ	142.250.74.99	200 OK	273 B
URL HTTP/2 www.gstatic.com/og/_/ss/k=og.qtm.8upPEZYXXGk.L.F4.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/ct=zgms/rs=AA2YrTvwx4oCBFmOAdX2ZmgNoxiOC9nmyQ IP 142.250.74.99:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (386), with no line terminators Size 273 B (273 bytes) Hash a3d202edc4fb1d833921e823577c20ee f55f009bb4d8c70433c1b24b4a4e9c6d48e2daa1 8ed6738b3b9472bb9f21aec263757cefab90926228c2760ad39e4e8cc8f8cda1 HTTP Headers GET /og/_/ss/k=og.qtm.8upPEZYXXGk.L.F4.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/ct=zgms/rs=AA2YrTvwx4oCBFmOAdX2ZmgNoxiOC9nmyQ HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding, Origin content-encoding: gzip content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="one-google-eng" report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]} content-length: 273 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 08 Feb 2023 15:04:13 GMT expires: Thu, 08 Feb 2024 15:04:13 GMT cache-control: public, max-age=31536000 last-modified: Fri, 03 Feb 2023 02:39:43 GMT content-type: text/css; charset=UTF-8 age: 22638 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 986afab4bad851da3c4a2b8db670c876 c58b7142ce3bebda918b77649973715dbd71b4d2 24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 08 Feb 2023 21:21:31 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 6250bcba58c2659a296fe4f3151b1e16 307b32afca5148b6faef5b40284906b649f6d963 d6e8d31cae981d39085629a8bd20894b1612fa2b638a6adef331b34c7e912dac HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 08 Feb 2023 21:21:31 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.3R2S2iMRC9o.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-ukmJKpOYaCGRb909wNTowBRXFA/cb=gapi.loaded_0	172.217.21.174	200 OK	38 kB
URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.3R2S2iMRC9o.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-ukmJKpOYaCGRb909wNTowBRXFA/cb=gapi.loaded_0 IP 172.217.21.174:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1448) Size 38 kB (37983 bytes) Hash 8b7b7fbb3b03a6363147f827f1c7548c 1989538f1b6d6f4adebcc4752e2851d87dda996d 42f93e826e154983acb5940d49ea3d36dfb20b2c169867754bfb7ffb2d74e79e HTTP Headers GET /_/scs/abc-static/_/js/k=gapi.gapi.en.3R2S2iMRC9o.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-ukmJKpOYaCGRb909wNTowBRXFA/cb=gapi.loaded_0 HTTP/1.1 Host: apis.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Cookie: __Secure-ENID=10.SE=Se4diPdwaur3RUe9tEhrfmrBhS_jr7FwiUYiSYYnszNBn_xe0AehpC4Fo1EMNq-irgBibon_HFcYQFLn850kLcmrYS4_XdXGzglZuKUTXfM7dlObY5OUK5UqYwnW1jlW59BzNB4IwW8W96gP58orCN-OlD07CU4pvCf1skjl1Ok; CONSENT=PENDING+883; AEC=ARSKqsJ89uBGfJqjoo3iUMdR6O5adUUmeDcdn1ETa4fnmJAZkmuU7uKP3o8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access" report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-length: 37983 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 07 Feb 2023 05:20:23 GMT expires: Wed, 07 Feb 2024 05:20:23 GMT cache-control: public, max-age=31536000 last-modified: Sat, 07 Jan 2023 15:18:57 GMT content-type: text/javascript; charset=UTF-8 age: 144068 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=wf67qq02v43mn5gm23k1dsm0&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781	35.156.69.71	302 Found	0 B
URL HTTP/2 v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=wf67qq02v43mn5gm23k1dsm0&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781 IP 35.156.69.71:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers GET /click?a=558&o=2892&sub_id1=wf67qq02v43mn5gm23k1dsm0&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781 HTTP/1.1 Host: v2.trckguardlnk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 `HTTP/2 302 Found date: Wed, 08 Feb 2023 21:21:30 GMT content-type: text/html; charset=UTF-8 location: https://v2.trckguardlnk.com/click?a=558&sub_id1=wf67qq02v43mn5gm23k1dsm0&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=2219 server: nginx/1.20.0 x-powered-by: PHP/7.4.21 set-cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique; expires=Fri, 10-Mar-2023 21:21:30 GMT; Max-Age=2592000; path=/; secure; SameSite=None X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL