Report - itcamefromgowanus.com/

Report Overview

URL

itcamefromgowanus.com/
IP

104.21.17.150

ASN

#13335 CLOUDFLARENET
Submitted

2023-02-24T00:37:01Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

1

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org (9)	344	2020-12-02T09:52:13Z	2023-03-14T05:09:04Z	3042	7977	23.36.76.226
itcamefromgowanus.com (2)	unknown	2016-03-05T05:05:47Z	2021-01-28T22:54:48Z	880	5012	104.21.17.150
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-14T05:09:38Z	606	127	35.165.41.15
stats.g.doubleclick.net (1)	96	2013-06-10T22:21:11Z	2023-03-14T06:40:37Z	492	1029	209.85.233.155
www.iyfubh.com (1)	258477	2017-10-05T12:23:02Z	2023-03-14T07:10:52Z	425	916	208.91.196.46
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3246	57136	34.120.237.76
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-14T05:09:37Z	413	5882	34.160.144.191
www.bluehost.com (6)	119801	2012-09-13T15:00:04Z	2023-03-14T07:10:51Z	1926	1809626	104.18.29.109
www.google.no (1)	25607	2016-04-05T21:50:59Z	2023-03-14T04:49:33Z	516	578	142.250.74.163
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-13T18:13:28Z	782	2373	35.241.9.150
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-14T05:09:37Z	333	391	34.117.237.239
www.google-analytics.com (1)	40	2012-10-03T03:04:21Z	2023-03-14T08:17:33Z	289	17623	142.250.74.110
ocsp.pki.goog (6)	175	2018-07-01T08:43:07Z	2023-03-13T18:12:07Z	2058	4198	216.58.211.3
www.google.com (1)	7	2015-05-10T13:11:19Z	2023-03-14T03:21:11Z	490	728	216.58.207.228

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-24	medium	itcamefromgowanus.com/	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

HTTP Transactions (39)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

bbe5e8dc913bdcab76f9fe8851ea2e77

9215fadd003873382ed2a4ace79ba337adadd692

e6094932dd4de52ea6360bdfbe8bb15951ebd76255766eee627c5de6f83fcea8

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6094932DD4DE52EA6360BDFBE8BB15951EBD76255766EEE627C5DE6F83FCEA8"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14655
Expires: Fri, 24 Feb 2023 04:41:05 GMT
Date: Fri, 24 Feb 2023 00:36:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

6f313739c4c44174fc9a97ac63621b46

319da68d06694330ad9f7901bcde1ca0a6eeac0d

321236ee07769c741890815bc56fd2700ff1974b0534368b9ff2e96320ae4fee

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "321236EE07769C741890815BC56FD2700FF1974B0534368B9FF2E96320AE4FEE"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10210
Expires: Fri, 24 Feb 2023 03:27:00 GMT
Date: Fri, 24 Feb 2023 00:36:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

d4569ebd95f766b8f22ed69d69334c37

a7fcd3f640877885077a4126708968d7e1e0d252

e485343a8251f50009506dfc6a42c82ca6b09b434d1e0984ea7c2dfea7dcd28d

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E485343A8251F50009506DFC6A42C82CA6B09B434D1E0984EA7C2DFEA7DCD28D"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11111
Expires: Fri, 24 Feb 2023 03:42:01 GMT
Date: Fri, 24 Feb 2023 00:36:50 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

7f03faaba3392caae6dae54467bfdf6d

57ea1f14e8bfbcca8190c706d708c9fda12442c1

02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 23:38:27 GMT
content-type: application/json
age: 3503
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

b5ba6334e73496995e3e3a9ecd0eb323

ad80d3b7718c28364e8c2004fb38a13a1747e462

aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: /13yclw4wR8kBcPbwDC5ACoCvaz+t8NmiPgcFJelH6X921bBkz2GJjSNWT24yl9b7WzCIOKfc3k=
x-amz-request-id: QMWWJWT3X4PAWTCE
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 23:49:16 GMT
age: 2854
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

itcamefromgowanus.com/

104.21.17.150

200 OK

1849

URL HTTP/1.1

itcamefromgowanus.com/
IP

104.21.17.150:0
ASN

#13335 CLOUDFLARENET

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (493)

Size

1849
Hash

787a9243c6a41f8bb3f18f24ccf9990b

48ba33c45ad35cbf766c89d83482bfb59acd0ba1

1ed9975c0caef7f00a6aa5031623c8260616d7f357c1a0700d8a55371dc09f75

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET / HTTP/1.1
Host: itcamefromgowanus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 00:36:50 GMT
Content-Type: text/html; charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWxBLmweSCCmhg%2FDyYifImDu%2Fz6Fw6%2FtgO16MUYavAZHHy%2Bzl7DFFBPvPlJelok2gXQc%2BZXMf7NbFk91kZCmpabImI03GsV0GXFq6c9bLiYzin1EKyQPda7ykTXOCcdpIHxEvphdTug%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79e42116bdb81bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Fri, 24 Feb 2023 00:36:50 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.bluehost.com/media/shared/general/cookies.js

104.18.29.109

403 Forbidden

334421

URL HTTP/1.1

www.bluehost.com/media/shared/general/cookies.js
IP

104.18.29.109:0
ASN

#13335 CLOUDFLARENET

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (64231)

Size

334421
Hash

83949737c21431a32c5f2f34905fa608

f8d34cf63de98bb92ce865eb5c134df92a4cf602

a1f035822b4ba0964263efa42beaab57ca870966eae9005cc8445c9f76306879

HTTP Headers

                                        GET /media/shared/general/cookies.js HTTP/1.1
Host: www.bluehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://itcamefromgowanus.com/

                                        HTTP/1.1 403 Forbidden
Date: Fri, 24 Feb 2023 00:36:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: __cf_bm=RfMDt6ZTvYTl2oeOG6ghMgnEMhc9mbj_OA0Oc16F2E8-1677199010-0-Ae3gQWmqf5BXZoL/vXMpGAB39o6Wc6Q9Y8fnagi2jDgJrH8+CMs5Vs6u/OtKRWt94SHBxSCBwcBjPvcfasqtxCw=; path=/; expires=Fri, 24-Feb-23 01:06:50 GMT; domain=.bluehost.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e42119af04b4e8-OSL
Content-Encoding: gzip

www.bluehost.com/media/shared/general/jquery/jquery.min.js

104.18.29.109

403 Forbidden

334463

URL HTTP/1.1

www.bluehost.com/media/shared/general/jquery/jquery.min.js
IP

104.18.29.109:0
ASN

#13335 CLOUDFLARENET

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (64231)

Size

334463
Hash

c0c00367e5e2a3395ae3165387006d31

31a0c80be25f7e92c84417d7ea297bb7261a3bdf

467631f1ffe5eaa6135b5e71f6c847fdc25df435f3598c01c064c2db5a1cad73

HTTP Headers

                                        GET /media/shared/general/jquery/jquery.min.js HTTP/1.1
Host: www.bluehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://itcamefromgowanus.com/

                                        HTTP/1.1 403 Forbidden
Date: Fri, 24 Feb 2023 00:36:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: __cf_bm=w8XmbEZhiMhSBZ4WXZHzhcd_WFJpsuBJsU40o6PZlz8-1677199010-0-ATiGQKaXMIGk9GZdJ9r4smut/pnaPsIk7BTrNmh0UN4uvsmEtZYf51haIRiw78iLIKiUIusPdte0Y7Iwm5j6WJk=; path=/; expires=Fri, 24-Feb-23 01:06:50 GMT; domain=.bluehost.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e42119acc7b4eb-OSL
Content-Encoding: gzip

www.bluehost.com/media/shared/general/_bh/main.css

104.18.29.109

403 Forbidden

334447

URL HTTP/1.1

www.bluehost.com/media/shared/general/_bh/main.css
IP

104.18.29.109:0
ASN

#13335 CLOUDFLARENET

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (64231)

Size

334447
Hash

ec7012874828d89ecf1e99322b90a69f

9560a526899c63a88fce28504af1d4b167aa001e

dd56358993259fb3beba6339af1bfe8422e8d0b6c1537a1947642ed25495af16

HTTP Headers

                                        GET /media/shared/general/_bh/main.css HTTP/1.1
Host: www.bluehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://itcamefromgowanus.com/

                                        HTTP/1.1 403 Forbidden
Date: Fri, 24 Feb 2023 00:36:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: __cf_bm=0SMb1g8R9Ypg2cLw8rbm.HMmPP9g9hx_OdjxOVXTaxs-1677199010-0-AR/T3+eZGyXVMRVtd0vQKIxwyvIsjhjJfekwILMfEBuvg4X4ezQ+oSjMskYEGeTh4LYR8fjzWkQctO05kff08b0=; path=/; expires=Fri, 24-Feb-23 01:06:50 GMT; domain=.bluehost.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e42119aee90afa-OSL
Content-Encoding: gzip

www.bluehost.com/media/shared/info/index/_bh/home.css

104.18.29.109

403 Forbidden

334462

URL HTTP/1.1

www.bluehost.com/media/shared/info/index/_bh/home.css
IP

104.18.29.109:0
ASN

#13335 CLOUDFLARENET

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (64231)

Size

334462
Hash

ef3066817f180d817bff09c8187d9219

ea582305e166e288bbcf1203ae188af488e8c22b

b7fc99fe17a6315129a136e1462106d1d05c20c1dec6ab5f77f3cf4215bae9fd

HTTP Headers

                                        GET /media/shared/info/index/_bh/home.css HTTP/1.1
Host: www.bluehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://itcamefromgowanus.com/

                                        HTTP/1.1 403 Forbidden
Date: Fri, 24 Feb 2023 00:36:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: __cf_bm=7YNQZGzEmi7oD_W74M1E1a_NNbhS6yAzHNIrPhjLiNY-1677199010-0-Ad0S9v73lrbTQmWqZMkvQhleFCJz7aDaO388oT+7226xj1yJGL4AlGKiO9MxlJ9zxI447Gv4PKbUSu7BHFj+mOo=; path=/; expires=Fri, 24-Feb-23 01:06:50 GMT; domain=.bluehost.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e42119ac0db4ee-OSL
Content-Encoding: gzip

www.bluehost.com/media/shared/general/jquery/jquery.min.js

104.18.29.109

403 Forbidden

334467

URL HTTP/1.1

www.bluehost.com/media/shared/general/jquery/jquery.min.js
IP

104.18.29.109:0
ASN

#13335 CLOUDFLARENET

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (64231)

Size

334467
Hash

18ac3d1712d7e40dc1fae39edf3f53be

63c90cd5a48eca93b115431b8d5111f9f6a75ca9

95d134e254b731e57745b631a5647863503c5a2b2512b075b1c9258336e02d49

HTTP Headers

                                        GET /media/shared/general/jquery/jquery.min.js HTTP/1.1
Host: www.bluehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://itcamefromgowanus.com/

                                        HTTP/1.1 403 Forbidden
Date: Fri, 24 Feb 2023 00:36:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: __cf_bm=bYnG5wqTrSkSrlRpHLf0VZCuMcIDKB7SeNd4HumJZkk-1677199011-0-AZ/ot1G/F72z17FfpcdJ4LHtvHiLAPnK8ornJ+uxXbzSJimWt2O7dD9Ce94363X5YhxbCU4w5l7lWSEr2B9T3ts=; path=/; expires=Fri, 24-Feb-23 01:06:51 GMT; domain=.bluehost.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e4211a8edab524-OSL
Content-Encoding: gzip

www.google-analytics.com/ga.js

142.250.74.110

200 OK

17168

URL HTTP/1.1

www.google-analytics.com/ga.js
IP

142.250.74.110:0
ASN

#15169 GOOGLE

Magic

ASCII text, with very long lines (1305)

Size

17168
Hash

01d5892e6e243b52998310c2925b9f3a

58180151b6a6ee4af73583a214b68efb9e8844d4

7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

                                        GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://itcamefromgowanus.com/

                                        HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Fri, 24 Feb 2023 00:12:05 GMT
Expires: Fri, 24 Feb 2023 02:12:05 GMT
Cache-Control: public, max-age=7200
Age: 1486
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
Vary: Accept-Encoding

www.bluehost.com/media/shared/info/index/_bh/logo.jpg

104.18.29.109

403 Forbidden

131450

URL HTTP/1.1

www.bluehost.com/media/shared/info/index/_bh/logo.jpg
IP

104.18.29.109:0
ASN

#13335 CLOUDFLARENET

Magic

data

Size

131450
Hash

ab75315e35e9b346e9b2529d91ebd744

0df58532806f4a1993cc7dc37af96b007479d6f2

7d5b591dce2915d16b2dfe560f2f08aba2d8abe4b61b89b7f14d0b8e2fe5c853

HTTP Headers

                                        GET /media/shared/info/index/_bh/logo.jpg HTTP/1.1
Host: www.bluehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://itcamefromgowanus.com/

                                        HTTP/1.1 403 Forbidden
Date: Fri, 24 Feb 2023 00:36:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: __cf_bm=Mpj4I9nWJlegjglYNEtml3ZW7AVWKgZkOVifIDKmJ.c-1677199011-0-AdBSVX1ps4MBYqW3HF0/6rXJSSR8tQ5ZEujaSLF23XV9/6LPZZZZ/cgiv9dwYT7Bj/cxMCmakiVBwXDstEeOhAo=; path=/; expires=Fri, 24-Feb-23 01:06:51 GMT; domain=.bluehost.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e4211a78510b65-OSL
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Expires, Last-Modified, Cache-Control, ETag, Backoff, Content-Type, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 24 Feb 2023 00:20:35 GMT
age: 976
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

216.58.211.3:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

8b071bc9b5482975fd106c517ecf32ce

779e5d086103fe19ae153f50606759302e88a5d9

ec5f6bf09033e5679826614f9fb79d296a69b16b755a428dee36548ca287ec69

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 00:36:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-9156498-1&cid=1831344532.1677199038&jid=994285883&_v=5.7.2&z=161355681

209.85.233.155

302 Found

366

URL HTTP/2

stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-9156498-1&cid=1831344532.1677199038&jid=994285883&_v=5.7.2&z=161355681
IP

209.85.233.155:0
ASN

#15169 GOOGLE

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators

Size

366
Hash

e52aa08ca4f3073bffc2688c3bba7695

ce02b4e3d82d0e0a0cb3e48f9ec89b4dfbfe598e

79d41209c999a8a82e6713b88f5ccda9ff54118a9b4197374d72a346b2edce38

HTTP Headers

                                        GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-9156498-1&cid=1831344532.1677199038&jid=994285883&_v=5.7.2&z=161355681 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://itcamefromgowanus.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-9156498-1&cid=1831344532.1677199038&jid=994285883&_v=5.7.2&z=161355681
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 24 Feb 2023 00:36:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

216.58.211.3:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

8b071bc9b5482975fd106c517ecf32ce

779e5d086103fe19ae153f50606759302e88a5d9

ec5f6bf09033e5679826614f9fb79d296a69b16b755a428dee36548ca287ec69

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 00:36:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

216.58.211.3:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

e88c5158a176029a61adb32e89caf76d

996e3d1516ee1ce7af7f381a370509c901050146

031925a19f88298430161229d27ff7091945f35a3c294ba8441f238d7959a5fc

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 00:36:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-9156498-1&cid=1831344532.1677199038&jid=994285883&_v=5.7.2&z=161355681

216.58.207.228

302 Found

URL HTTP/2

www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-9156498-1&cid=1831344532.1677199038&jid=994285883&_v=5.7.2&z=161355681
IP

216.58.207.228:0
ASN

#15169 GOOGLE

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-9156498-1&cid=1831344532.1677199038&jid=994285883&_v=5.7.2&z=161355681 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://itcamefromgowanus.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 00:36:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-9156498-1&cid=1831344532.1677199038&jid=994285883&_v=5.7.2&z=161355681&slf_rd=1&random=2611394468
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

216.58.211.3:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

d5a81909f9ba52a4b5b4beca7189f10a

216a773aef7239d68c979f6c24013a31f085c779

79799853ac50d2c9e10b8cfab4a57150b087403209006e166af67164c2630de6

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 00:36:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

5fa728a339ca32e616d483e61d0aebcd

6a63966de94d16390c8f1e47e5b67fe5bb67f7cd

7e83729d554404e59f1f1ff809ac776d3596487e2b062a1e38af8e29f33c0686

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E83729D554404E59F1F1FF809AC776D3596487E2B062A1E38AF8E29F33C0686"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4135
Expires: Fri, 24 Feb 2023 01:45:46 GMT
Date: Fri, 24 Feb 2023 00:36:51 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

216.58.211.3:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

5c79f7689efb3e9384d23c012fbb7459

6383d131dec112059c3bb88971dc23ce47bc98f2

4bc466ff7e5773f11ef30dba2c57bb6b76b05964622a087f0fba48686b6b85f4

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 00:36:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-9156498-1&cid=1831344532.1677199038&jid=994285883&_v=5.7.2&z=161355681&slf_rd=1&random=2611394468

142.250.74.163

200 OK

URL HTTP/2

www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-9156498-1&cid=1831344532.1677199038&jid=994285883&_v=5.7.2&z=161355681&slf_rd=1&random=2611394468
IP

142.250.74.163:0
ASN

#15169 GOOGLE

Magic

GIF image data, version 89a, 1 x 1\012- data

Size

42
Hash

d89746888da2d9510b64a9f031eaecd5

d5fceb6532643d0d84ffe09c40c481ecdf59e15a

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

                                        GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-9156498-1&cid=1831344532.1677199038&jid=994285883&_v=5.7.2&z=161355681&slf_rd=1&random=2611394468 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://itcamefromgowanus.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 00:36:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

216.58.211.3:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

5c79f7689efb3e9384d23c012fbb7459

6383d131dec112059c3bb88971dc23ce47bc98f2

4bc466ff7e5773f11ef30dba2c57bb6b76b05964622a087f0fba48686b6b85f4

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 00:36:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.iyfubh.com/?dn=itcamefromgowanus.com&pid=9POJB64QD

British Virgin Islands CONFLUENCE-NETWORK-INC

208.91.196.46

200 OK

272

URL HTTP/1.1

www.iyfubh.com/?dn=itcamefromgowanus.com&pid=9POJB64QD
IP

208.91.196.46:0
ASN

#40034 CONFLUENCE-NETWORK-INC

Magic

HTML document text\012- HTML document, ASCII text, with CRLF line terminators

Size

272
Hash

8859320b3a0c5b58d422f830c6c83fd1

529564a0e7aea113048d3840e2d72776b3e00d32

9f96d68b285d4f7e4a82ef42e626ec4f96a94c9c61a2c7fcb699a762b1abb487

HTTP Headers

                                        GET /?dn=itcamefromgowanus.com&pid=9POJB64QD HTTP/1.1
Host: www.iyfubh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://itcamefromgowanus.com/
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 00:36:51 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Content-Length: 272
Keep-Alive: timeout=5, max=122
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

push.services.mozilla.com/

35.165.41.15

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

35.165.41.15:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L4quStGTHaX+OUz+zOatbA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: La5RQZAVATHNpnwv7LoXJNw987U=

itcamefromgowanus.com/favicon.ico

104.21.17.150

200 OK

1843

URL HTTP/1.1

itcamefromgowanus.com/favicon.ico
IP

104.21.17.150:0
ASN

#13335 CLOUDFLARENET

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (493)

Size

1843
Hash

1032156b57963b575df4c88e53662dbd

2ffd2e558f6b0f65b9ac846095280b312ee2e8ba

7edc373d2706035818a6541c4185d7103464565c0d6929a3ae04820bdaa11a1b

HTTP Headers

                                        GET /favicon.ico HTTP/1.1
Host: itcamefromgowanus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://itcamefromgowanus.com/
Cookie: __utma=133433814.1831344532.1677199038.1677199038.1677199038.1; __utmb=133433814.1.10.1677199038; __utmc=133433814; __utmz=133433814.1677199038.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

                                        HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 00:36:52 GMT
Content-Type: text/html; charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Fri, 24 Feb 2023 00:36:52 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnLFYhdQBXMqghaca7pwUAroIdEvSuDSqvsrrxLln8lm1AzVMBj9QBUOHRaV%2F8vIZTtARRs%2FPAMLuQYEPa1ctNVeD6vOGpwVoVDxx9Wsdl4RsBqyfGxvyZCz4LU6br9SJUSQrrOyG1E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e4211b4f741bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

cd04d923e6b3cbd7cac3c56d18ca9016

7d3205fb454124635afcbfcf2265ce504c778ef1

fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5143
Expires: Fri, 24 Feb 2023 02:02:35 GMT
Date: Fri, 24 Feb 2023 00:36:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

cd04d923e6b3cbd7cac3c56d18ca9016

7d3205fb454124635afcbfcf2265ce504c778ef1

fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5143
Expires: Fri, 24 Feb 2023 02:02:35 GMT
Date: Fri, 24 Feb 2023 00:36:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

cd04d923e6b3cbd7cac3c56d18ca9016

7d3205fb454124635afcbfcf2265ce504c778ef1

fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5143
Expires: Fri, 24 Feb 2023 02:02:35 GMT
Date: Fri, 24 Feb 2023 00:36:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

cd04d923e6b3cbd7cac3c56d18ca9016

7d3205fb454124635afcbfcf2265ce504c778ef1

fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5143
Expires: Fri, 24 Feb 2023 02:02:35 GMT
Date: Fri, 24 Feb 2023 00:36:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

cd04d923e6b3cbd7cac3c56d18ca9016

7d3205fb454124635afcbfcf2265ce504c778ef1

fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5143
Expires: Fri, 24 Feb 2023 02:02:35 GMT
Date: Fri, 24 Feb 2023 00:36:52 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg

34.120.237.76

200 OK

9093

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

9093
Hash

2a5f3d376fe6a3a78a5d1fe136f962fb

3e9b03cc296e954d63526a4e7e75beea3130fc3b

c8cf4f1c0352102764247e4dc5a2076921e0eaa18bfd110e5b0b97a55c706690

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 3fd9f8c8-cf10-4222-a2cc-5f18ff7b2e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9D3HqmoAMFeBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb2-352315613cc0c2bc7eb28e05;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mn6TjisRzQNNHhkTMjHjsiOQosH9A5TZVtJypfHstcjuAG-DLUbIag==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:34:54 GMT
age: 10918
etag: "3e9b03cc296e954d63526a4e7e75beea3130fc3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4190

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c061073-61e1-440d-9b4a-2a79642fa5c9.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

4190
Hash

daa87fe33e37f4179406213c50b0bfc8

0a3b8e72639cbcee63e7204accb95ada77076a11

a4dd63888518de162c44da8a12eb7d2c1c2a0a97f66ea06287e82351fa36f8ff

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c061073-61e1-440d-9b4a-2a79642fa5c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 4190
x-amzn-requestid: 5be79d82-00a6-41ff-931a-b35f1329cb71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9JcEv3IAMFb4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbd5-52bd27793f7ea5312c23b54e;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:34:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bIEIezbuhaUq9nKp6jNqE7bErXUkrmPnEqUUT_B6ULlIoer194Ya0Q==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 22:26:08 GMT
age: 7844
etag: "0a3b8e72639cbcee63e7204accb95ada77076a11"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11089

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a98720b-53ac-4018-8bb9-955bb22a9e52.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

11089
Hash

78bcc318c65f1f7b827f7ff792f14595

6bd53a60048a57322c3fc5d12c9f849e38fd2765

d83a699697cb6c728563b667e82a538237472ec86f841b34bc5f7639c94702e8

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a98720b-53ac-4018-8bb9-955bb22a9e52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 11089
x-amzn-requestid: 8738c63f-1ac3-4ce9-afe7-d5bed232e4b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ax-wyHd6IAMF-WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7119e-1fe3416019806b2550524e41;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 07:11:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UTWIOBVzeriNaMV_ROuRIwodof3mBbceNtk_eVlmDu01H2EtJH9-zA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 07:29:58 GMT
age: 61614
etag: "6bd53a60048a57322c3fc5d12c9f849e38fd2765"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11372

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5ed54f-4b9c-404c-9c98-709b6bafc2a7.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

11372
Hash

3c525276d82309185ba5b9a0bde424d5

96ef51351075441f83d09834292f255d94cd7911

891bcdc08687c6280b63bd7312a925185272a374179fd7ca7bf62aec32408daf

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5ed54f-4b9c-404c-9c98-709b6bafc2a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 11372
x-amzn-requestid: 77208ac4-31c7-4a46-9406-11f0a98a65ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9D4H6IoAMFQBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb2-40611ab960eaadb202172abe;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JFuOxVbDlQm-LvZunDZmam07BJtqnWnYDOR2Nubnoj66mo3BSEFQqw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:48:44 GMT
age: 10088
etag: "96ef51351075441f83d09834292f255d94cd7911"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5624

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfddc284-f440-456d-8bfb-7114ad8092b0.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

5624
Hash

cd1631d34431c0dfc1d66bad3d6bb464

73030f74289ab10d7f94cd3fe358390efacc3268

843d4318291fafe4ee2bea039635262ca7574a4e9688aaab30fee97560f6ec81

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfddc284-f440-456d-8bfb-7114ad8092b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 5624
x-amzn-requestid: 2c253ff3-61e4-4f15-948f-862bb71a9ed8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9EtFDjIAMFhmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb7-058c9199058eb3342abc2395;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Xz-dUoCM-ubAesApfIMiVRZdM9wX0xOKxyAZjBpjSkWnEm1ABW17rw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:48:12 GMT
age: 10120
etag: "73030f74289ab10d7f94cd3fe358390efacc3268"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9387

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4763b5fd-51d2-46bb-a306-ce5d0799eca3.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

9387
Hash

fedefde8c4f90a6f10f769419f2ff485

35cbe3e6981dc9fd1bcbb8743c61ff28fde443fc

65adf7a2930673f45f83cafb75cde5ec3f61ed1bed2018cd27cd4da068e511ea

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4763b5fd-51d2-46bb-a306-ce5d0799eca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 9387
x-amzn-requestid: a2db2470-843a-4180-8cca-8338ed4237bf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9E4GDcIAMF5cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb8-3a87935b42932f213cb9a7ee;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iwod49tuzw2JYk_CDcrwxPGYEvDnfHJgJ-63r_aJC29b1ye5dL9Nsw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:39:12 GMT
age: 10660
etag: "35cbe3e6981dc9fd1bcbb8743c61ff28fde443fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

#1 JS:Script (size: 216)

#2 JS:Script (size: 189)

#3 JS:Script (size: 46274)

#4 JS:Script (size: 187)

#1 JS:Write (size: 61)

HTTP Transactions (39)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

Detections

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers