www42.brone.com/?gp=1&js=0&uuid=1673495453.0227038011&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogInV1aWQ9MTY3MzQ5NTQ0MS4wMTk5MzYzODgwIiwgInJlZmVyZXIiOiAiaHR0cDovL3d3dzQyLmJyb25lLmNvbSIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksKi8qO3E9MC44In0=
45.33.30.197301 Moved Permanently 0 B URL HTTP/1.1 www42.brone.com/?gp=1&js=0&uuid=1673495453.0227038011&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogInV1aWQ9MTY3MzQ5NTQ0MS4wMTk5MzYzODgwIiwgInJlZmVyZXIiOiAiaHR0cDovL3d3dzQyLmJyb25lLmNvbSIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksKi8qO3E9MC44In0=
IP 45.33.30.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?gp=1&js=0&uuid=1673495453.0227038011&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogInV1aWQ9MTY3MzQ5NTQ0MS4wMTk5MzYzODgwIiwgInJlZmVyZXIiOiAiaHR0cDovL3d3dzQyLmJyb25lLmNvbSIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksKi8qO3E9MC44In0= HTTP/1.1
Host: www42.brone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
server: openresty/1.13.6.1
date: Thu, 12 Jan 2023 03:51:10 GMT
transfer-encoding: chunked
location: http://www42.brone.com/?uuid=1673495453.0227038011
connection: close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4826412809ac0196f13ac1ef44e357e5
793c81d2f90cfaa245dc89fc7a6090cbee846b26
11be07342f3aa4e059ddc3149337895d55bc71e30ad045dc72e4cca4be4c6951
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11BE07342F3AA4E059DDC3149337895D55BC71E30AD045DC72E4CCA4BE4C6951"
Last-Modified: Wed, 11 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2241
Expires: Thu, 12 Jan 2023 04:28:32 GMT
Date: Thu, 12 Jan 2023 03:51:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7802
Expires: Thu, 12 Jan 2023 06:01:13 GMT
Date: Thu, 12 Jan 2023 03:51:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0f4ecf4f26be1ba09e61135b1b488bf4
f16b8277e00033bc990a8bcce54b693cb3c87d62
3018c2a228f0a894d217e8e8b0b8dd060527f06879cd2f469bac6c8766acbbf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3018C2A228F0A894D217E8E8B0B8DD060527F06879CD2F469BAC6C8766ACBBF8"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7423
Expires: Thu, 12 Jan 2023 05:54:54 GMT
Date: Thu, 12 Jan 2023 03:51:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 12 Jan 2023 03:48:42 GMT
content-type: application/json
age: 149
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pEYDEyjedWGyxPLA0g1H5FA5Fjik8mHhLFtM/iF/FNiiz0tmlC6b0M3h4cYGHUA8tlQD36q/zXKVGWuTBp5bzg==
x-amz-request-id: YJ40E40BNCFZH1Y4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 12 Jan 2023 03:02:19 GMT
age: 2932
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 12 Jan 2023 03:51:11 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www42.brone.com/?uuid=1673495453.0227038011
45.33.30.197200 OK 583 B URL HTTP/1.1 www42.brone.com/?uuid=1673495453.0227038011
IP 45.33.30.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (350)
Hash a61c603ddd6f7dfc006e69c90d057482
08c2fa5ff413e4f2095d3bba770e232789a2649f
433572e1653b9f9cc3f5ab422f469af9c54c6ed7936cdba6db6c143271c5a4b7
Analyzer Verdict Alert fortinet Phishing
GET /?uuid=1673495453.0227038011 HTTP/1.1
Host: www42.brone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Thu, 12 Jan 2023 03:51:11 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
www42.brone.com/?gp=1&js=1&uuid=1673495471.0135982706&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogInV1aWQ9MTY3MzQ5NTQ1My4wMjI3MDM4MDExIiwgInJlZmVyZXIiOiAiIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0=
45.33.30.197302 Found 0 B URL HTTP/1.1 www42.brone.com/?gp=1&js=1&uuid=1673495471.0135982706&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogInV1aWQ9MTY3MzQ5NTQ1My4wMjI3MDM4MDExIiwgInJlZmVyZXIiOiAiIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0=
IP 45.33.30.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?gp=1&js=1&uuid=1673495471.0135982706&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogInV1aWQ9MTY3MzQ5NTQ1My4wMjI3MDM4MDExIiwgInJlZmVyZXIiOiAiIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0= HTTP/1.1
Host: www42.brone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www42.brone.com/?uuid=1673495453.0227038011
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Thu, 12 Jan 2023 03:51:11 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://www1.brone.com/?tm=1&subid4=1673495471.0135982706&kw=Contractor+Supplies&KW1=Plumbing%20Supplies&KW2=Hvac%20Supplies&KW3=Electrical%20Supplies&KW4=Valves%20and%20Fittings&searchbox=0&domainname=0&backfill=0
referrer-policy: no-referrer
x-mtm-path: 4
x-mtm-prov: 300:0.00;308:24.25
x-mtm-rd: 0.97
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJ3d3c0Mi5icm9uZS5jb20iLCJodHRwOi8vd3d3MS5icm9uZS5jb20vP3RtPTEmc3ViaWQ0PTE2NzM0OTU0NzEuMDEzNTk4MjcwNiZrdz1Db250cmFjdG9yK1N1cHBsaWVzJktXMT1QbHVtYmluZyUyMFN1cHBsaWVzJktXMj1IdmFjJTIwU3VwcGxpZXMmS1czPUVsZWN0cmljYWwlMjBTdXBwbGllcyZLVzQ9VmFsdmVzJTIwYW5kJTIwRml0dGluZ3Mmc2VhcmNoYm94PTAmZG9tYWlubmFtZT0wJmJhY2tmaWxsPTAiLDEsIjIwMjMtMDEtMTIgMDM6NTE6MTEiLDEsIjE2NzM0OTU0NzEuMDEzNTk4MjcwNiIsMzA4LG51bGwsbnVsbF0:1pFocR:k6ulrCvVpiq6adVtuknE2h80XzU; expires=Thu, 12-Jan-2023 04:51:11 GMT; Max-Age=3600; Path=/
connection: close
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 12 Jan 2023 03:33:45 GMT
age: 1046
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ce604e6f88a42844a4ec7d404879bdcf
d462a2a194a67d39d091ff49c4435fdfc39b3e5b
9e0222bcc67f019bb5c61657fc921fc42aa0cd7a75f6b1358d05231c53cc26e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3962
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 03:51:11 GMT
Last-Modified: Thu, 12 Jan 2023 02:45:09 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
www1.brone.com/?tm=1&subid4=1673495471.0135982706&kw=Contractor+Supplies&KW1=Plumbing%20Supplies&KW2=Hvac%20Supplies&KW3=Electrical%20Supplies&KW4=Valves%20and%20Fittings&searchbox=0&domainname=0&backfill=0
13.248.148.254200 OK 8.0 kB URL HTTP/1.1 www1.brone.com/?tm=1&subid4=1673495471.0135982706&kw=Contractor+Supplies&KW1=Plumbing%20Supplies&KW2=Hvac%20Supplies&KW3=Electrical%20Supplies&KW4=Valves%20and%20Fittings&searchbox=0&domainname=0&backfill=0
IP 13.248.148.254:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2830)
Hash e584fefe4e15b167fe504e0ea253c4b4
1bd5ce98e50cc38954f1afe95a18a0232a71f06b
fb6549bf49bba79b51f4506c2201eecb7b4c1f5b36ad9a706940e3d92ff8daad
GET /?tm=1&subid4=1673495471.0135982706&kw=Contractor+Supplies&KW1=Plumbing%20Supplies&KW2=Hvac%20Supplies&KW3=Electrical%20Supplies&KW4=Valves%20and%20Fittings&searchbox=0&domainname=0&backfill=0 HTTP/1.1
Host: www1.brone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 03:51:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_YwO8jJ/xKY8doFHB3GpocV6ukVMHqOBBM0YfIn2PjvSSvEbWog94mo6tnetmn1l/Hf8xpp+SENTxonBbtsLcCQ==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
push.services.mozilla.com/
52.40.156.74101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.156.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /4aUYpG7Pa+nIyVK082gSA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lsOch5jWOeIpVw9yu4R0j8GFQes=
www.google.com/adsense/domains/caf.js
142.250.74.132200 OK 54 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (1885)
Hash d6709ca1f922bf6cc965b2f4ffb42b46
82187dd3b9ed219cfd8496b06aa1a61579be4b56
e037cae16a6707190f828230f9fac8626f7ed28bf8e5efcf5686e43a076432ec
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.brone.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Thu, 12 Jan 2023 03:51:12 GMT
Expires: Thu, 12 Jan 2023 03:51:12 GMT
Cache-Control: private, max-age=3600
ETag: "1455905269057645086"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
c.parkingcrew.net/scripts/sale_form.js
185.53.178.30200 OK 761 B URL HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js
IP 185.53.178.30:0
Hash 64f809e06446647e192fce8d1ec34e09
5b7ced07da42e205067afa88615317a277a4a82c
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3
GET /scripts/sale_form.js HTTP/1.1
Host: c.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.brone.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 12 Jan 2023 03:51:12 GMT
Content-Type: application/javascript
Content-Length: 761
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
Accept-Ranges: bytes
www1.brone.com/track.php?domain=brone.com&toggle=browserjs&uid=MTY3MzQ5NTQ3Mi4yMjU6ODdhNzM3NDAwODMzOGY4ZWNiNGY4ZTY5Mjc3YTkyZTQ5YjVhYTg0YWY1NmYzM2E4ZmE5ZWYyN2RlMmM4NTY5YTo2M2JmODNiMDM2ZWRm
13.248.148.254200 OK 20 B URL HTTP/1.1 www1.brone.com/track.php?domain=brone.com&toggle=browserjs&uid=MTY3MzQ5NTQ3Mi4yMjU6ODdhNzM3NDAwODMzOGY4ZWNiNGY4ZTY5Mjc3YTkyZTQ5YjVhYTg0YWY1NmYzM2E4ZmE5ZWYyN2RlMmM4NTY5YTo2M2JmODNiMDM2ZWRm
IP 13.248.148.254:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=brone.com&toggle=browserjs&uid=MTY3MzQ5NTQ3Mi4yMjU6ODdhNzM3NDAwODMzOGY4ZWNiNGY4ZTY5Mjc3YTkyZTQ5YjVhYTg0YWY1NmYzM2E4ZmE5ZWYyN2RlMmM4NTY5YTo2M2JmODNiMDM2ZWRm HTTP/1.1
Host: www1.brone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.brone.com/?tm=1&subid4=1673495471.0135982706&kw=Contractor+Supplies&KW1=Plumbing%20Supplies&KW2=Hvac%20Supplies&KW3=Electrical%20Supplies&KW4=Valves%20and%20Fittings&searchbox=0&domainname=0&backfill=0
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 03:51:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 85ff946a6fdcac5ce6fc5ccacfdb2ab0
e7e1b4f574ac6f03c46833efa11b1b2c8e5e0c7d
6ad8f70cb3c6ede2ba4d2a47ce3baa9cb3b32b1da7b46d523546ef6a58d9be24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 03:51:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
54.230.245.138200 OK 11 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP 54.230.245.138:0
File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Hash 0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.brone.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Thu, 12 Jan 2023 02:14:54 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NghPlSCLIXX-dFZ6IjamdcZ5_hMWvaA2WCMU-On5f-YMIR_oIzfpEg==
Age: 5778
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b62c4cff5caed771f4b0d9712fd57933
d61b882d6b59d2162c523efc60c84a46b0ea0671
ff865eac966c662a99fc0e6a5185678174261117cf0c20e4a03bb7e642a54e54
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 03:51:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www1.brone.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie
216.58.207.226200 OK 240 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www1.brone.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie
IP 216.58.207.226:0
File type ASCII text, with very long lines (358), with no line terminators
Hash a18e940c42edfe77db15b27890d7a85e
57318ff5833e57620f0c95ded1171c4cb9f4fb83
7004322c605b3108534f1325ce084b9d7aff3c3f121540f68aa05c45aeb61598
GET /gampad/cookie.js?domain=www1.brone.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.brone.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 12 Jan 2023 03:51:12 GMT
server: cafe
cache-control: private
content-length: 240
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C000535%2Cbucket103&client=dp-teaminternet12_3ph&r=m&hl=en&terms=Plumbing%20Supplies%2CHvac%20Supplies%2CElectrical%20Supplies%2CValves%20and%20Fittings&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2514429714757505&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301101%2C17301102%2C17301103&format=r4%7Cs&nocache=6471673495457864&num=0&output=afd_ads&domain_name=www1.brone.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1673495457865&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=797&frm=0&cl=493016327&uio=--&cont=tc&jsid=caf&jsv=493016327&rurl=http%3A%2F%2Fwww1.brone.com%2F%3Ftm%3D1%26subid4%3D1673495471.0135982706%26kw%3DContractor%2BSupplies%26KW1%3DPlumbing%2520Supplies%26KW2%3DHvac%2520Supplies%26KW3%3DElectrical%2520Supplies%26KW4%3DValves%2520and%2520Fittings%26searchbox%3D0%26domainname%3D0%26backfill%3D0&adbw=master-1%3A530
142.250.74.132200 OK 2.2 kB URL HTTP/2 www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C000535%2Cbucket103&client=dp-teaminternet12_3ph&r=m&hl=en&terms=Plumbing%20Supplies%2CHvac%20Supplies%2CElectrical%20Supplies%2CValves%20and%20Fittings&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2514429714757505&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301101%2C17301102%2C17301103&format=r4%7Cs&nocache=6471673495457864&num=0&output=afd_ads&domain_name=www1.brone.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1673495457865&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=797&frm=0&cl=493016327&uio=--&cont=tc&jsid=caf&jsv=493016327&rurl=http%3A%2F%2Fwww1.brone.com%2F%3Ftm%3D1%26subid4%3D1673495471.0135982706%26kw%3DContractor%2BSupplies%26KW1%3DPlumbing%2520Supplies%26KW2%3DHvac%2520Supplies%26KW3%3DElectrical%2520Supplies%26KW4%3DValves%2520and%2520Fittings%26searchbox%3D0%26domainname%3D0%26backfill%3D0&adbw=master-1%3A530
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6372)
Hash cf7b02f43702d0b3a3bdf953640834d0
697fb838ce4b6764c9af32c07235aaea7ba0b282
1caaba339bec603e993b7eee12a7ce9d5b777732ebd66e424e4ee71efda8668e
GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C000535%2Cbucket103&client=dp-teaminternet12_3ph&r=m&hl=en&terms=Plumbing%20Supplies%2CHvac%20Supplies%2CElectrical%20Supplies%2CValves%20and%20Fittings&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2514429714757505&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301101%2C17301102%2C17301103&format=r4%7Cs&nocache=6471673495457864&num=0&output=afd_ads&domain_name=www1.brone.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1673495457865&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=797&frm=0&cl=493016327&uio=--&cont=tc&jsid=caf&jsv=493016327&rurl=http%3A%2F%2Fwww1.brone.com%2F%3Ftm%3D1%26subid4%3D1673495471.0135982706%26kw%3DContractor%2BSupplies%26KW1%3DPlumbing%2520Supplies%26KW2%3DHvac%2520Supplies%26KW3%3DElectrical%2520Supplies%26KW4%3DValves%2520and%2520Fittings%26searchbox%3D0%26domainname%3D0%26backfill%3D0&adbw=master-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.brone.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Thu, 12 Jan 2023 03:51:12 GMT
expires: Thu, 12 Jan 2023 03:51:12 GMT
cache-control: private, max-age=3600
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2195
x-xss-protection: 0
set-cookie: CONSENT=PENDING+885; expires=Sat, 11-Jan-2025 03:51:12 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b62c4cff5caed771f4b0d9712fd57933
d61b882d6b59d2162c523efc60c84a46b0ea0671
ff865eac966c662a99fc0e6a5185678174261117cf0c20e4a03bb7e642a54e54
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 03:51:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9ee9070e153bc0be89878860ca024177
a207ab2c4efdf959110cdbf0ca1e2a4ad41ca2a4
0bbd0335d60ede5782096cc8dc60293f60c24fc0c6285b33f2a9663615afc66d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 03:51:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www1.brone.com/favicon.ico
13.248.148.254200 OK 0 B URL HTTP/1.1 www1.brone.com/favicon.ico
IP 13.248.148.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www1.brone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.brone.com/?tm=1&subid4=1673495471.0135982706&kw=Contractor+Supplies&KW1=Plumbing%20Supplies&KW2=Hvac%20Supplies&KW3=Electrical%20Supplies&KW4=Valves%20and%20Fittings&searchbox=0&domainname=0&backfill=0
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 03:51:12 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f4c8ff7e9cce677ddf122f5c34fc2873
dedcdaa22d7c2fc211a2f686551d8e7d3d7cc2be
81adc43d6f344d53166d41130913eed5d71c7f5a4668cc99d987165e368512c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 03:51:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f4c8ff7e9cce677ddf122f5c34fc2873
dedcdaa22d7c2fc211a2f686551d8e7d3d7cc2be
81adc43d6f344d53166d41130913eed5d71c7f5a4668cc99d987165e368512c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 03:51:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
142.250.74.97200 OK 270 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP 142.250.74.97:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash 5100391430a00e10ce60aa159f525b5c
231a4492d73b225f441b1e9028dc33c89862e498
52b1432a6e3002e41ed1d8f4c84b258fdc4c6dac863e3c0e5c06360c81be6067
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 14:45:09 GMT
expires: Thu, 12 Jan 2023 13:45:09 GMT
cache-control: public, max-age=82800
age: 47164
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
142.250.74.97200 OK 174 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP 142.250.74.97:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 14:00:21 GMT
expires: Thu, 12 Jan 2023 13:00:21 GMT
cache-control: public, max-age=82800
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
age: 49852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www1.brone.com/ls.php
13.248.148.254201 Created 0 B IP 13.248.148.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
POST /ls.php HTTP/1.1
Host: www1.brone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2782
Origin: http://www1.brone.com
Connection: keep-alive
Referer: http://www1.brone.com/?tm=1&subid4=1673495471.0135982706&kw=Contractor+Supplies&KW1=Plumbing%20Supplies&KW2=Hvac%20Supplies&KW3=Electrical%20Supplies&KW4=Valves%20and%20Fittings&searchbox=0&domainname=0&backfill=0
Cookie: GoogleAdServingTest=Good
HTTP/1.1 201 Created
Date: Thu, 12 Jan 2023 03:51:13 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 63bf83b0e4fda33b6763227d
Charset: utf-8
Access-Control-Allow-Origin: http://www1.brone.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_jvbvFqfBccNRz+Zcr12jBthJkI+V/fcHhcZa35+FVrbTgcF2Rmz9RSWxFhD8OsMQSKtbEzTyQhAsQvvJIcZAaw==
www.google.com/adsense/domains/caf.js
142.250.74.132200 OK 54 kB URL HTTP/2 www.google.com/adsense/domains/caf.js
IP 142.250.74.132:0
Hash aa09de1c71c7919cb4002f508935f095
18811806c46e5a1b4541fb8ce4fd06f36d7f0b8d
e18f64aafc447ae4d7a41777871d77b1ac2bc876f86814594da438afc2940b36
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 12 Jan 2023 03:51:12 GMT
expires: Thu, 12 Jan 2023 03:51:12 GMT
cache-control: private, max-age=3600
etag: "10662505423787015863"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www1.brone.com/track.php?domain=brone.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3MzQ5NTQ3Mi4yMjU6ODdhNzM3NDAwODMzOGY4ZWNiNGY4ZTY5Mjc3YTkyZTQ5YjVhYTg0YWY1NmYzM2E4ZmE5ZWYyN2RlMmM4NTY5YTo2M2JmODNiMDM2ZWRm
13.248.148.254200 OK 20 B URL HTTP/1.1 www1.brone.com/track.php?domain=brone.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3MzQ5NTQ3Mi4yMjU6ODdhNzM3NDAwODMzOGY4ZWNiNGY4ZTY5Mjc3YTkyZTQ5YjVhYTg0YWY1NmYzM2E4ZmE5ZWYyN2RlMmM4NTY5YTo2M2JmODNiMDM2ZWRm
IP 13.248.148.254:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=brone.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3MzQ5NTQ3Mi4yMjU6ODdhNzM3NDAwODMzOGY4ZWNiNGY4ZTY5Mjc3YTkyZTQ5YjVhYTg0YWY1NmYzM2E4ZmE5ZWYyN2RlMmM4NTY5YTo2M2JmODNiMDM2ZWRm HTTP/1.1
Host: www1.brone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.brone.com/?tm=1&subid4=1673495471.0135982706&kw=Contractor+Supplies&KW1=Plumbing%20Supplies&KW2=Hvac%20Supplies&KW3=Electrical%20Supplies&KW4=Valves%20and%20Fittings&searchbox=0&domainname=0&backfill=0
Cookie: __gsas=ID=41067fcc97c69144:T=1673495472:S=ALNI_MZy90sYyAzWCSqLdD1VHdNSTB1LUg
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 03:51:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14861
Expires: Thu, 12 Jan 2023 07:58:54 GMT
Date: Thu, 12 Jan 2023 03:51:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14861
Expires: Thu, 12 Jan 2023 07:58:54 GMT
Date: Thu, 12 Jan 2023 03:51:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14861
Expires: Thu, 12 Jan 2023 07:58:54 GMT
Date: Thu, 12 Jan 2023 03:51:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14861
Expires: Thu, 12 Jan 2023 07:58:54 GMT
Date: Thu, 12 Jan 2023 03:51:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe22a4489-907e-41d1-a3c4-0bd5db5ac59f.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe22a4489-907e-41d1-a3c4-0bd5db5ac59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 67d9ca44a78b9b593d31c32cc1ec0655
9090df1b5923b1793260d178c8b19ff385f1095e
f9625214c4004f92986197fa0a33ea9b5f500d0022b848e36dfb8d30d902e755
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe22a4489-907e-41d1-a3c4-0bd5db5ac59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8001
x-amzn-requestid: e1573cf8-f5db-42b0-a213-e5d711ce5ccc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: egZ9qGSjoAMFdlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bcd6bd-6df5b9034430866f298db329;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 03:08:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oOgqk6PGKN2maHDryIi2YkmzQnhnnLT8OGGJB_EpKeSuISJ6etijiQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 03:23:58 GMT
age: 1635
etag: "9090df1b5923b1793260d178c8b19ff385f1095e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb89a11a1dca9a2924adf7e3712c6405
a881a7d88f08035b9e045f2bf73a4d9fabc640a0
8a0c9f295dd30123847eaed0ba8d4e7c2c6dea8b9c645fc70cdcb4fa8c082ee4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10579
x-amzn-requestid: 8760acae-f770-45e2-9639-53967ef1cdb2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPDWET4oAMFo-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bae-153ebb3e4ec7d5045529ce0a;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FC9xd9brDeAOtHjXnkpSO0IOX1rLjGRVkuBguuwJ2xFDTq0x9-QtaQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:55:02 GMT
age: 21371
etag: "a881a7d88f08035b9e045f2bf73a4d9fabc640a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe9ed673-5e14-421a-b091-d4c13fd3d6b2.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe9ed673-5e14-421a-b091-d4c13fd3d6b2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5286a691d936e7959dc11b8fb24e80cf
e7cf1f3dbce034c55419f3271df7193e9636e41f
4d6cbe5f9e03ce2349ae88c0b352b04a684ab3e7743b88bdbf5e0ab9e00b58b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe9ed673-5e14-421a-b091-d4c13fd3d6b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9158
x-amzn-requestid: 5659da9c-ec1e-47f0-bd7c-00977af0b7fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPWoEpiIAMF5tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2c2a-7022c92c1a8d63545b276013;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:37:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DnqPwg6KqLNXKElbwdHEi2AxHxMom7LB_ewICViCSgJhCYp8p5riZw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 22:16:40 GMT
age: 20073
etag: "e7cf1f3dbce034c55419f3271df7193e9636e41f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F633a379b-4f04-4c97-a4ad-ac3967771ea1.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F633a379b-4f04-4c97-a4ad-ac3967771ea1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9be3b634a107ab3c50ea17ab16ece2d2
b55aa3b2ec6ff4a9c283082a258dc03f88a927a3
762136c5122025c20e0c009b0f472a92dee3f60c9f840902f02eb20c374d68b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F633a379b-4f04-4c97-a4ad-ac3967771ea1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8306
x-amzn-requestid: 4d8c84ee-56ab-43cf-ae3a-a4590a7ffbfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZ0WuGZSIAMFlVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba342a-79947c8e3751e9b2685dbbc6;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 03:10:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JW6m1n4_cHuiOXmnm_4098rh1_hzGWI_fHIUalGm8dCxnJCrKkZpug==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 10:09:46 GMT
age: 63687
etag: "b55aa3b2ec6ff4a9c283082a258dc03f88a927a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe2c648d-d325-4f3a-981c-274a999706df.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe2c648d-d325-4f3a-981c-274a999706df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36d83265b27b7832b8a27da748e35436
7f63a5d14c3b45808a8566aa9a8af11ad1a2a018
d78d767b01f50ea37bd9a2fdb5107b2e7aa059d736fa629da69dbdcedf8168bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe2c648d-d325-4f3a-981c-274a999706df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4545
x-amzn-requestid: 0e4cd0c3-c043-44e3-adf8-d813b0529279
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: egaAIFzmoAMF0Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bcd6cd-5c7fdbad4a8d9f61244cfb6e;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 03:09:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZIrePFTNGpF2KqJAFfNVLXdYoZgmU1c9uDwK5nCO5fPcParggUEHXg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 03:36:11 GMT
age: 902
etag: "7f63a5d14c3b45808a8566aa9a8af11ad1a2a018"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b47c36b-0877-478c-a3a5-7add7a4b6418.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b47c36b-0877-478c-a3a5-7add7a4b6418.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad636bb0e7ac252b0e1df921803c482c
66a5343cf7ab0178bc757fad6f31a57d989dca7d
e8c00e9af5471b3dda11721740aacb215a9197e8bc3f81a2fa3f7eab92063c03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b47c36b-0877-478c-a3a5-7add7a4b6418.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11850
x-amzn-requestid: 15d72f03-a32d-4de0-a8d4-1559be1f3575
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPDWFSqIAMFsvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bae-7b7a6f7e5936863a38937280;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: a49EPrEooUvSWpdX2SoPQpJ71VmxeKA1GqCRVnSUWn-TZ33l9wqS5Q==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 22:04:57 GMT
age: 20776
etag: "66a5343cf7ab0178bc757fad6f31a57d989dca7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2