Report - aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet/

Report Overview

Submitted URL
aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet/
IP
198.251.84.49
ASN
#53667 PONYNET
Submitted
2023-01-19 02:52:43
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
32
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.0 kB	93.184.220.29
static.addtoany.com	4091	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	1.7 kB	104.22.70.197
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.131
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	422 B	21 kB	142.250.74.14
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	46 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	5.5 kB	198.251.84.49
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.33.119.27
www.privateinternetaccess.com	40990	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	526 B	12 kB	104.16.41.63
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	45 kB	142.250.74.40
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	44.242.3.166
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	460 B	877 B	104.18.11.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-19 02:52:32	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:32	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)
2023-01-19 02:52:34	high	Client IP	Internal IP	ET POLICY DNS Query to .onion proxy domain (onion .pet)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	static.addtoany.com/menu/svg/icons/facebook.js	318 B	2023-03-08	2023-10-29
Pretty URL static.addtoany.com/menu/svg/icons/facebook.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:33 Last Seen2023-10-29 06:42:20 Times Seen3991 Hash bd42caff99f3e28c34363fa883363984 e6c80f5fdc2811e497e314aba3d9fa1137e1daa0 3a19ff3554a1e589f756a92be8263726674127c133feb1d333095668b77ba08c Loading...

	aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet/	155 B	2023-03-07	2023-03-14
Pretty URL aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet/ IP 198.251.84.49 ASN #53667 PONYNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:18 Last Seen2023-03-14 16:21:47 Times Seen1 Hash 3804515cae2807d3ddf756b4e242960b 632328bf324892ee94f62b49fed2e353091a4076 8e597482ee6ca8765e854ab2e637746a56461b0d63d2172bc8999d1f55e7c4f2 Loading...

	www.googletagmanager.com/gtag/js?id=UA-111355066-1	112 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-111355066-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:43:27 Last Seen2023-03-13 02:43:27 Times Seen1 Hash 5e35002217133a6b3d8e5ee98cc7922e 221e9dfdf4e699a9fdb92236c39be4f0c18bf449 e5e11591d2c55e9b2da93b68db0097932d6955a89b3ce1651a70a0a781da4349 Loading...

	static.addtoany.com/menu/sm.24.html#type=core&event=load	551 B	2023-03-08	2023-04-05
Pretty URL static.addtoany.com/menu/sm.24.html#type=core&event=load IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:33 Last Seen2023-04-05 02:10:42 Times Seen517 Hash d51b83b6cab0a31d7e631829656a22b1 cd7bc9245b65c5c851e03a04541d4785c550b1f4 82e320c0c3f2224c9bdeadab1078c0e5b4b705b8e2da82700b6f305bbdf380f9 Loading...

	static.addtoany.com/menu/svg/icons/a2a.js	182 B	2023-03-08	2024-04-26
Pretty URL static.addtoany.com/menu/svg/icons/a2a.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:33 Last Seen2024-04-26 00:31:43 Times Seen4220 Hash baf0595a19bdc7f7497b74731d2166c4 fd5714384c52fc0338083574434d12328313896c 3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43 Loading...

	static.addtoany.com/menu/svg/icons/twitter.js	695 B	2023-03-08	2024-04-11
Pretty URL static.addtoany.com/menu/svg/icons/twitter.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:33 Last Seen2024-04-11 22:41:57 Times Seen4985 Hash 27cd96b1f5736097c53caaeb6d2dc62c 2f853bd93d200defae6f66090d0746ecee3e71d6 74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f Loading...

	static.addtoany.com/menu/svg/icons/reddit.js	929 B	2023-03-08	2023-11-09
Pretty URL static.addtoany.com/menu/svg/icons/reddit.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:34:23 Last Seen2023-11-09 14:34:58 Times Seen715 Hash d50e42f61f1d3dbc1633a4ff5eed88a1 cadabf0478cb26debca880e64243fecd79051318 16ea98df371c043e34589b849544118a55801022a4898cb4809c63af0cade307 Loading...

	static.addtoany.com/menu/page.js	3.1 kB	2023-03-12	2023-10-24
Pretty URL static.addtoany.com/menu/page.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:04:09 Last Seen2023-10-24 05:00:50 Times Seen1940 Hash ce36bcabfd02e6132ece55637827631b 7513229734b52ac8f7ef86273b7fd263249a691b 2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812 Loading...

	static.addtoany.com/menu/modules/core.26680508.js	71 kB	2023-03-12	2024-04-14
Pretty URL static.addtoany.com/menu/modules/core.26680508.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:04:10 Last Seen2024-04-14 12:45:18 Times Seen2677 Hash 4ddbe13185968a307e265ee10588d974 d943845db5f4b564f6eafd4048e76b9dee329f80 73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	static.addtoany.com/menu/svg/icons/pinterest.js	803 B	2023-03-08	2023-11-01
Pretty URL static.addtoany.com/menu/svg/icons/pinterest.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:34:23 Last Seen2023-11-01 23:17:53 Times Seen675 Hash 646a29b9053e5cd29b66854bb58e88b8 420fb260fb73789b5df8721c38491c302bd00031 eee4cfa769b7416160f34ecbc48ddc2086388350baab9d29d30ea3f165b6fbab Loading...

HTTP Transactions (33)

	URL	IP	Response	Size
	aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet/	198.251.84.49	200 OK	2.6 kB
URL HTTP/1.1 aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet/ IP 198.251.84.49:0 ASN #53667 PONYNET File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text Size 2.6 kB (2558 bytes) Hash 142938712f9f46d9e00185f5f0a8bf07 bf4431bedc5ab9b40de3ebeb6ca3bd8fee2f10b0 a7a8f3125d54e6d8d8c52a6e138e16de4d077bc934155aa1b5bc64285804e6bc HTTP Headers `GET / HTTP/1.1 Host: aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Thu, 19 Jan 2023 02:52:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 648bf42163c5d645d8a33cd0a9afebd0 9b9ac85435c4e90647e8379bca54c689058a8929 060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12140 Expires: Thu, 19 Jan 2023 06:14:53 GMT Date: Thu, 19 Jan 2023 02:52:33 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash cc07d664b5dadee6f9120d54904dfa57 df75a55b0b2019684a6c512bee528c51a2c4a756 14a1bd6315a3256468edafedfd1c02a6ba147914c0f01e8504e7d8cc67781c34 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "14A1BD6315A3256468EDAFEDFD1C02A6BA147914C0F01E8504E7D8CC67781C34" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20527 Expires: Thu, 19 Jan 2023 08:34:40 GMT Date: Thu, 19 Jan 2023 02:52:33 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 19 Jan 2023 02:49:25 GMT content-type: application/json age: 188 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 6c8239f3894cfba54d1f3a9ea1c85db5 a70f2b3bf79f2aa26b0cc0340dd182565c3eb946 64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4772 Expires: Thu, 19 Jan 2023 04:12:05 GMT Date: Thu, 19 Jan 2023 02:52:33 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: FCuYugr9gh05Mm1BuRNyXFFmAHpbpShO+fqQh/ywwoxp45Zxj73WNCCbHmRJhhrQKoq/FBrovU+LutCLKwee6w== x-amz-request-id: 9M85RB8MRFY93DP7 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 19 Jan 2023 02:45:42 GMT age: 411 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Thu, 19 Jan 2023 02:52:33 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 783c01fa14ade2316e22ead869b3dbf8 71e20a947b3a9e10cb2bf046e2ca3da294d97f70 9b0aee93ad83dd0c14a106a2514b86ab950b2fc679596fd621841242b5c7e95c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 19 Jan 2023 02:52:33 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.privateinternetaccess.com/assets/tor-logo-large-89ac1c118b86d69953fff1ab31128550fcce9a74162e9b3fb7d0fc4bfd83e1ed.png	104.16.41.63	200 OK	12 kB
URL HTTP/2 www.privateinternetaccess.com/assets/tor-logo-large-89ac1c118b86d69953fff1ab31128550fcce9a74162e9b3fb7d0fc4bfd83e1ed.png IP 104.16.41.63:0 ASN #13335 CLOUDFLARENET File type RIFF (little-endian) data, Web/P image\012- data Size 12 kB (11544 bytes) Hash 8117070bcabfa38d257c44648d42d1fd 83d719c007b504fea97eb52434158201faa3da3b 351d8fac10caeb2f22a4d20da29257a1acef7f0f99fc51b3df33319614c8d641 HTTP Headers GET /assets/tor-logo-large-89ac1c118b86d69953fff1ab31128550fcce9a74162e9b3fb7d0fc4bfd83e1ed.png HTTP/1.1 Host: www.privateinternetaccess.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK date: Thu, 19 Jan 2023 02:52:33 GMT content-type: image/webp content-length: 11544 access-control-allow-headers: Content-Type, X-Requested-With access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT access-control-allow-origin: * cache-control: public, max-age=31536000 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=15612 content-disposition: inline; filename="tor-logo-large-89ac1c118b86d69953fff1ab31128550fcce9a74162e9b3fb7d0fc4bfd83e1ed.webp" content-security-policy: frame-ancestors 'self'; etag: "3cfc-5f049672f8680" expires: Fri, 19 Jan 2024 02:52:33 GMT last-modified: Tue, 20 Dec 2022 21:48:58 GMT strict-transport-security: max-age=15552000; includeSubDomains vary: Accept x-frame-options: SAMEORIGIN x-powered-by: PIA cf-cache-status: HIT age: 13409 accept-ranges: bytes server: cloudflare cf-ray: 78bc46663c9e15f0-ARN alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	280 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 280 B (280 bytes) Hash e13e98252ea2ab016b214e77f0bd893c 29fca3d2d453003996783648abe1b36a3ec4ab53 db210f6fdb0216ced8d9f077f2e40998c7816afe17682879b4c1fa336106d4ca HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1159 Cache-Control: max-age=134857 Content-Type: application/ocsp-response Date: Thu, 19 Jan 2023 02:52:33 GMT Etag: "63c817b3-118" Expires: Fri, 20 Jan 2023 16:20:10 GMT Last-Modified: Wed, 18 Jan 2023 16:00:51 GMT Server: ECS (ska/F714) X-Cache: HIT Content-Length: 280`

	www.googletagmanager.com/gtag/js?id=UA-111355066-1	142.250.74.40	200 OK	44 kB
URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-111355066-1 IP 142.250.74.40:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1921) Size 44 kB (44000 bytes) Hash 38a335360bbbf3e8f66f972509c923ac a022b3bfaa858678e1b078c2912762ab84c9a52b 59f0d4586ac141ad61c344e0d011e201c3505609a3d47ccb7abc3525a27b1394 HTTP Headers `GET /gtag/js?id=UA-111355066-1 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 19 Jan 2023 02:52:33 GMT expires: Thu, 19 Jan 2023 02:52:33 GMT cache-control: private, max-age=900 last-modified: Thu, 19 Jan 2023 01:41:40 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 44000 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	280 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 280 B (280 bytes) Hash e13e98252ea2ab016b214e77f0bd893c 29fca3d2d453003996783648abe1b36a3ec4ab53 db210f6fdb0216ced8d9f077f2e40998c7816afe17682879b4c1fa336106d4ca HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1159 Cache-Control: max-age=134857 Content-Type: application/ocsp-response Date: Thu, 19 Jan 2023 02:52:33 GMT Etag: "63c817b3-118" Expires: Fri, 20 Jan 2023 16:20:10 GMT Last-Modified: Wed, 18 Jan 2023 16:00:51 GMT Server: ECS (ska/F714) X-Cache: HIT Content-Length: 280`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 783c01fa14ade2316e22ead869b3dbf8 71e20a947b3a9e10cb2bf046e2ca3da294d97f70 9b0aee93ad83dd0c14a106a2514b86ab950b2fc679596fd621841242b5c7e95c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 19 Jan 2023 02:52:33 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet/favicon.ico	198.251.84.49	200 OK	2.6 kB
URL HTTP/1.1 aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet/favicon.ico IP 198.251.84.49:0 ASN #53667 PONYNET File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text Size 2.6 kB (2558 bytes) Hash 142938712f9f46d9e00185f5f0a8bf07 bf4431bedc5ab9b40de3ebeb6ca3bd8fee2f10b0 a7a8f3125d54e6d8d8c52a6e138e16de4d077bc934155aa1b5bc64285804e6bc HTTP Headers `GET /favicon.ico HTTP/1.1 Host: aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet/` `HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Thu, 19 Jan 2023 02:52:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip`

	www.google-analytics.com/analytics.js	142.250.74.14	200 OK	20 kB
URL HTTP/2 www.google-analytics.com/analytics.js IP 142.250.74.14:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1490) Size 20 kB (20085 bytes) Hash ca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db HTTP Headers `GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20085 date: Thu, 19 Jan 2023 01:45:20 GMT expires: Thu, 19 Jan 2023 03:45:20 GMT cache-control: public, max-age=7200 age: 4034 last-modified: Tue, 10 Jan 2023 21:29:14 GMT content-type: text/javascript alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 19 Jan 2023 02:48:57 GMT age: 217 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 79af32d8e279b4cfec147ab51cb6fcb3 d726903292bd1e08a6d9fe0719d2cd5b33dc5fe6 bfcb2d8f14d89736ac6b771f1618a8fc5e707691d60807a574fb719c8e9393ab HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4677 Cache-Control: max-age=113531 Content-Type: application/ocsp-response Date: Thu, 19 Jan 2023 02:52:34 GMT Etag: "63c7b6a8-1d7" Expires: Fri, 20 Jan 2023 10:24:45 GMT Last-Modified: Wed, 18 Jan 2023 09:06:48 GMT Server: ECS (ska/F714) X-Cache: HIT Content-Length: 471`

	push.services.mozilla.com/	44.242.3.166	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 44.242.3.166:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 3rNvfWcHMJZxLirQPM6GBw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: kZXNs0zl3G0v4FxtLzpzQxJW5zM=`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc 61a4de77803ce4ad730c21dd88b5b55a196f26d6 b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16608 Expires: Thu, 19 Jan 2023 07:29:23 GMT Date: Thu, 19 Jan 2023 02:52:35 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc 61a4de77803ce4ad730c21dd88b5b55a196f26d6 b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16608 Expires: Thu, 19 Jan 2023 07:29:23 GMT Date: Thu, 19 Jan 2023 02:52:35 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc 61a4de77803ce4ad730c21dd88b5b55a196f26d6 b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16608 Expires: Thu, 19 Jan 2023 07:29:23 GMT Date: Thu, 19 Jan 2023 02:52:35 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc 61a4de77803ce4ad730c21dd88b5b55a196f26d6 b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16608 Expires: Thu, 19 Jan 2023 07:29:23 GMT Date: Thu, 19 Jan 2023 02:52:35 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc 61a4de77803ce4ad730c21dd88b5b55a196f26d6 b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2" Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16608 Expires: Thu, 19 Jan 2023 07:29:23 GMT Date: Thu, 19 Jan 2023 02:52:35 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg	34.120.237.76	200 OK	5.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.0 kB (5005 bytes) Hash 2b8f931fb5afe958e67fce9e1822dac4 5732887999b819f6facc6f4608a407b5a09adf75 3c6c787e700f8139ec0eeaad93923f647f9efa5ce60120fc0aab52fa9588efaf HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5005 x-amzn-requestid: 647dd62e-6b47-4298-9457-c7f37e653e0e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e5qLKEX6IAMFX0g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c6f0ad-3dc1396c1b3662fa4ec5f1fa;Sampled=0 x-amzn-remapped-date: Tue, 17 Jan 2023 19:02:05 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: Ge_XozSe44BAhC-fFiu-u8Oa4jd8Uctn4O3fmdLCavhYpcSVrhNMww== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Wed, 18 Jan 2023 17:42:33 GMT age: 33002 etag: "5732887999b819f6facc6f4608a407b5a09adf75" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg	34.120.237.76	200 OK	6.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.9 kB (6908 bytes) Hash b015242ebdda9cc22cfe6741d2e926f1 76072223007cd11c6f7b9fda8f01818ab0fea740 b7a72c737cac91c83c39718de999bc6ff0ec4ede63342e86407190d95e60d9a1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6908 x-amzn-requestid: 5f0a0b3b-1d4c-450e-bcd5-481bda79f4e1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: eq1qQHwYIAMF-IQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c1030e-62d053e35c8ab2374fd2fe35;Sampled=0 x-amzn-remapped-date: Fri, 13 Jan 2023 07:06:54 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: WdNoHBL4A3J_FHp8V9HLUMNKmEPIw-lstt0OdqYJtcUGfMRZJXPdwQ== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google date: Wed, 18 Jan 2023 11:34:07 GMT age: 55108 etag: "76072223007cd11c6f7b9fda8f01818ab0fea740" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg	34.120.237.76	200 OK	9.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.9 kB (9916 bytes) Hash 511bbd0c410838e4a978d471d361d876 706be1b2636ad65bf5fe78ef7301af472c015275 e124c1ba6059fb613d0ab8f7ad37f4524323e7bbde851f78e9e5727c7d20f19f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9916 x-amzn-requestid: 42bb326d-889c-4b91-b989-47c1fd650afa x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e96pVF61oAMF76g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c8a4a1-2f33e6be45e298a7120d1119;Sampled=0 x-amzn-remapped-date: Thu, 19 Jan 2023 02:02:09 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: foivwn43ar3fumR0-_7dX_YCcmM4s-LNWUIlGnwGb1kaXpVIi4sr7Q== via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google date: Thu, 19 Jan 2023 02:15:16 GMT age: 2239 etag: "706be1b2636ad65bf5fe78ef7301af472c015275" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg	34.120.237.76	200 OK	7.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type data Size 7.0 kB (7027 bytes) Hash 1aaa866dfb3beb740d924785ad9ea9f5 d79a5d4d68d2e3184202b0b34d797b5cfad9bb33 735a490279adaa23beeff6251b5bf8dc38d1372f19f83c1718aed2098fae3670 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6902 x-amzn-requestid: eac4818f-27cf-4e74-967f-ba9b761e236f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e0uNuF0QIAMFUEg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c4f724-3a8ae0ba482b10f04c90c3b5;Sampled=0 x-amzn-remapped-date: Mon, 16 Jan 2023 07:05:08 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 8uwQeDL64wUC-aQ8iITazLJGnwtiIxRyaXN1QXP5kmfT3f1w9RQ-2Q== via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google date: Wed, 18 Jan 2023 07:36:04 GMT age: 69391 etag: "76fbdbd85092cb841ca269206de46cc1b6e0f215" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7228521-7486-47c0-9c97-8326b753903b.jpeg	34.120.237.76	200 OK	3.3 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7228521-7486-47c0-9c97-8326b753903b.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.3 kB (3258 bytes) Hash a0322b0c1c8ccba218bb838b9a08236b 2019b85538667589467bd7330d5c14e81d0a0219 206ed7eb5ba89c76c42b01a7fbf354b9417dd87d8149847b28dab0cb1c887198 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7228521-7486-47c0-9c97-8326b753903b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3258 x-amzn-requestid: efeaacb9-f9b6-45ea-b457-dd2186113d7a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e9704FE2IAMFw9w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c8a685-5c761cba0ef3eb1e0849aac1;Sampled=0 x-amzn-remapped-date: Thu, 19 Jan 2023 02:10:13 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: Ja6gtQbUWud7hCAcoQ5R1zHQROQUC9rQ_LycuQK3BqQT_5GIUz4Q_w== via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Thu, 19 Jan 2023 02:15:16 GMT age: 2239 etag: "2019b85538667589467bd7330d5c14e81d0a0219" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa13fdc43-f169-4fe6-a14b-6ed62c4d08cc.jpeg	34.120.237.76	200 OK	7.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa13fdc43-f169-4fe6-a14b-6ed62c4d08cc.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.9 kB (7864 bytes) Hash 7817aa566a3271f82153811b756bb90f 6be8688f3b8d2f053afed5c09d00e71ad9210258 1ec4a11d1598683001714eb1a130c5ba96c37aef0e43623a17780f848543b1c9 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa13fdc43-f169-4fe6-a14b-6ed62c4d08cc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7864 x-amzn-requestid: 932e4550-d62d-448d-b60d-d3c62944c86c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e3fnEEVOIAMFZcA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c612f9-0977cfca7fe22f83168e5d9e;Sampled=0 x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:09 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: WSyQEwTUUN83EL9C9y9VPDzKnNjBXSmvcO5SfTuvIKPCDurKTM-oEg== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google date: Wed, 18 Jan 2023 03:43:34 GMT age: 83341 etag: "6be8688f3b8d2f053afed5c09d00e71ad9210258" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	static.addtoany.com/menu/modules/core.26680508.js	104.22.70.197	200 OK	0 B
URL HTTP/2 static.addtoany.com/menu/modules/core.26680508.js IP 104.22.70.197:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /menu/modules/core.26680508.js HTTP/1.1 Host: static.addtoany.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet Connection: keep-alive Referer: http://aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Thu, 19 Jan 2023 02:52:34 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 11 Jan 2023 01:11:29 GMT etag: W/"11452-5f1f2ae24215b" cache-control: max-age=315360000, immutable x-content-type-options: nosniff access-control-allow-origin: * vary: Accept-Encoding via: e4s cf-cache-status: MISS strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 78bc46671ba70a35-ARN content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css	104.18.11.207	200 OK	0 B
URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css IP 104.18.11.207:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Thu, 19 Jan 2023 02:52:33 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: SE cdn-edgestorageid: 632, 617, 617 last-modified: Mon, 25 Jan 2021 22:03:59 GMT cdn-cachedat: 2021-04-23 06:29:02 cdn-requestpullsuccess: True cdn-requestpullcode: 200 cache-control: public, max-age=31919000 timing-allow-origin: * cross-origin-resource-policy: cross-origin access-control-allow-origin: * x-content-type-options: nosniff cdn-requestid: 6a91d2c867066733b6d92a7a528c5c2e cdn-cache: HIT cf-cache-status: HIT age: 22207090 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 78bc4665ee7f0b65-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	static.addtoany.com/menu/page.js	104.22.70.197	200 OK	0 B
URL HTTP/2 static.addtoany.com/menu/page.js IP 104.22.70.197:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /menu/page.js HTTP/1.1 Host: static.addtoany.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Thu, 19 Jan 2023 02:52:33 GMT content-type: application/javascript; charset=utf-8 cache-control: public, max-age=172800 cf-bgj: minify access-control-allow-origin: * age: 5805 etag: W/"c04-5f1f2ae2e431b" last-modified: Wed, 11 Jan 2023 01:11:30 GMT vary: Accept-Encoding via: e3s x-content-type-options: nosniff cf-cache-status: HIT strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 78bc4666ab920a35-ARN content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	static.addtoany.com/menu/sm.24.html	104.22.70.197	200 OK	0 B
URL HTTP/2 static.addtoany.com/menu/sm.24.html IP 104.22.70.197:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /menu/sm.24.html HTTP/1.1 Host: static.addtoany.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://aw4ffyxfxtgyuzn3bcmssxwl2ysdkowx6c6bbillv5vxf7g2dgmltpyd.onion.pet/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Thu, 19 Jan 2023 02:52:33 GMT content-type: text/html; charset=utf-8 via: e3s last-modified: Fri, 18 Nov 2022 00:47:55 GMT etag: W/"2a5-5edb40e6d10d8" cache-control: max-age=315360000, immutable age: 153790 vary: Accept-Encoding cf-cache-status: HIT strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 78bc46671ba60a35-ARN content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML