| minhaclaro.dtmmkt.com.br/effectivemail/redirecionaclique.aspx?idabordagem=5252932746&idlink=12609016866&endereco=https://weareracist.com/blood/desturldocument/umzb21op4kmaqumdxdbflfpmvvnauqrcdxxrnqhw/ZGViLmhhY2tldHRAc2FwcGkuY29t |  177.47.17.235 | | 232 B |
URL minhaclaro.dtmmkt.com.br/effectivemail/redirecionaclique.aspx?idabordagem=5252932746&idlink=12609016866&endereco=https://weareracist.com/blood/desturldocument/umzb21op4kmaqumdxdbflfpmvvnauqrcdxxrnqhw/ZGViLmhhY2tldHRAc2FwcGkuY29t IP177.47.17.235:0 ASN#15830 Equinix (EMEA) Acquisition Enterprises B.V.
File typeHTML document, ASCII text, with CRLF line terminators Hash7ab73eaf3fae05123c117cfe2058e6d8 611b3f7b59663e3922eac404aa76eaef62c0c031 3c5a7634951eac7e3eafae3d6fddbdaa41c56c80b37b11b2957c19ed13c7254f
GET /effectivemail/redirecionaclique.aspx?idabordagem=5252932746&idlink=12609016866&endereco=https://weareracist.com/blood/desturldocument/umzb21op4kmaqumdxdbflfpmvvnauqrcdxxrnqhw/ZGViLmhhY2tldHRAc2FwcGkuY29t HTTP/1.1
Host: minhaclaro.dtmmkt.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 18 Apr 2024 07:45:59 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://weareracist.com/blood/desturldocument/umzb21op4kmaqumdxdbflfpmvvnauqrcdxxrnqhw/ZGViLmhhY2tldHRAc2FwcGkuY29t
Content-Length: 232
Via: 1.1 minhaclaro.dtmmkt.com.br
Keep-Alive: timeout=5, max=256
Connection: Keep-Alive
|
|
| weareracist.com/blood/desturldocument/umzb21op4kmaqumdxdbflfpmvvnauqrcdxxrnqhw/ZGViLmhhY2tldHRAc2FwcGkuY29t |  162.241.120.242 | | 180 B |
URL weareracist.com/blood/desturldocument/umzb21op4kmaqumdxdbflfpmvvnauqrcdxxrnqhw/ZGViLmhhY2tldHRAc2FwcGkuY29t IP162.241.120.242:0 ASN#19871 NETWORK-SOLUTIONS-HOSTING
File typeHTML document, ASCII text Hashc13d7f756b4900b8d5f71058e9f7a03e 045c5f7836320316941027df22d3310c7cd81781 4845a5ab7328570f5e2349c1cf1c20b22329bd9c482c55042665d601e5d98d12
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft Outlook |
GET /blood/desturldocument/umzb21op4kmaqumdxdbflfpmvvnauqrcdxxrnqhw/ZGViLmhhY2tldHRAc2FwcGkuY29t HTTP/1.1
Host: weareracist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 07:46:00 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css |  104.17.25.14 | 200 OK | 19 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css IP104.17.25.14:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m#deb.hackett@sappi.com CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (52276) Hash5222e06b77a1692fa2520a219840e6be 8b4236206a8b86af3761a244277663046d7ff7ee 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
GET /ajax/libs/font-awesome/6.4.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cloudflare-ipfs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:46:01 GMT
content-type: text/css; charset=utf-8
content-length: 18778
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64cac444-495a"
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 135124
expires: Tue, 08 Apr 2025 07:46:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AyaGKupG0CSWHUDoMNYNA8CTZYiMdsw78Jb1qWXRH60jMMPaQCy5w%2BnE%2FIBfbnep9PGo8FDQ6%2FxC4jjOOrDPwKxlJJRl9ltbPy%2Fce%2F2Ax2X4eKGbHzW%2FF1oyYtxpVoUYAbIHerDr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876309e6fbd7b509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.w3schools.com/w3css/4/w3.css | 192.229.133.221 | 200 OK | 5.3 kB |
URL GET HTTP/2www.w3schools.com/w3css/4/w3.css IP192.229.133.221:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m#deb.hackett@sappi.com CertificateIssuerDigiCert Inc Subject*.w3schools.com Fingerprint20:AF:FF:E1:FC:DB:58:C8:05:B7:D2:97:1F:8F:A1:C6:AD:ED:59:3A ValidityWed, 03 Apr 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File typeUnicode text, UTF-8 (with BOM) text Hashba0537e9574725096af97c27d7e54f76 bd46b47d74d344f435b5805114559d45979762d5 4a7611bc677873a0f87fe21727bc3a2a43f57a5ded3b10ce33a0f371a2e6030f
GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 5305
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Thu, 18 Apr 2024 07:46:01 GMT
etag: "076f6bb690da1:0+gzip"
last-modified: Wed, 17 Apr 2024 10:57:32 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5256
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 | 104.17.25.14 | 200 OK | 150 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 IP104.17.25.14:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m#deb.hackett@sappi.com CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 150020, version 772.1280 Size150 kB (150020 bytes) Hashd5e647388e2415268b700d3df2e30a0d 97f0942c6627ddd89fb62170e5cac9a2cbd6c98c 886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
GET /ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudflare-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:46:01 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150020
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "64cac444-24a04"
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 135016
expires: Tue, 08 Apr 2025 07:46:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YG4yKWdsFRJrG80CjHPKHyczfSMevSwcpb8LDrqJ73uiCavd6RsDtP8qkpeaXzKN%2FALBCyM8i4pRw7n0oEvwsXcNZoNkqde8C7rj66ONLeexCPzCSLoBYOiXhgV8yMHZp4g5oxRj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876309e90e53b509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cloudflare-ipfs.com/images/favicon.ico | 104.17.96.13 | 404 Not Found | 14 B |
URL GET HTTP/3cloudflare-ipfs.com/images/favicon.ico IP104.17.96.13:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m#deb.hackett@sappi.com CertificateIssuerLet's Encrypt Subjectcloudflare-ipfs.com Fingerprint18:E5:C9:71:96:8A:A9:48:E2:79:2A:29:91:D2:4E:46:90:B7:5D:9F ValiditySun, 25 Feb 2024 02:55:05 GMT - Sat, 25 May 2024 02:55:04 GMT
File typeASCII text, with no line terminators Hashd0fbda9855d118740f1105334305c126 bc3023b36063a7681db24681472b54fa11f0d4ec a469ab4ca4e55bf547566e9ebfa1b809c933207e9d558156bc0c4252b17533fe
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft Outlook | | PhishTank | phishing | Other |
GET /images/favicon.ico HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m
Cookie: __cf_bm=x56L.gaqquE0uEJHjrhd_IvO.CpG0VqmFzdvjcFjOc4-1713426361-1.0.1.1-SzNkrdKNzpYLgiRy3jH.2fN7j_U9LQ1ZqIatgDeZPTR6a9TapQb3o7_u6QXLc9OGlJP71.sNFLUgNRMBitDXSw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 07:46:01 GMT
content-type: text/plain;charset=UTF-8
content-length: 14
vary: Accept-Encoding
server: cloudflare
cf-ray: 876309e9fada56ab-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Ubuntu | 142.250.74.106 | 200 OK | 110 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Ubuntu IP142.250.74.106:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m#deb.hackett@sappi.com CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Size110 kB (110299 bytes) Hash7777035a78e041627a9aca7a4eca05ac 236d48642c2531a2cf001013d012619cead49adb 6a34e8b5ad3aae9f91094d2b15ea9fb3c72ce9a66a56ca4f74b5a9fd1db8341d
GET /css?family=Ubuntu HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 07:46:01 GMT
date: Thu, 18 Apr 2024 07:46:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| egensession.com/n.php?getemailinfo=deb.hackett@sappi.com&linkbox=nicholaski&url=https://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m |  188.114.96.1 | | 1.4 kB |
URL egensession.com/n.php?getemailinfo=deb.hackett@sappi.com&linkbox=nicholaski&url=https://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m IP188.114.96.1:0
Hash548d1c1e10639169e6ec538a7abed2d3 dbdef8a1676356a226e4ebfe3c0acc9a9d3d46e3 f9469cc4ec34b339a9857d2a85d2b462181622e2bd5fa3a4387026b7039c64dd
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /n.php?getemailinfo=deb.hackett@sappi.com&linkbox=nicholaski&url=https://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m HTTP/1.1
Host: egensession.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudflare-ipfs.com/
Origin: https://cloudflare-ipfs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:46:02 GMT
content-type: application/json; charset=utf-8
x-powered-by: PHP/8.0.30
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, X-Request-With
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pyOLKRgwXs4eWW3kOjeuQX0lCBH4kWioCSAJfft%2FshLUHF2Vayqo3sjDo0DL6FyBZUCKC4JWFB79MsXd8kUYxir4jBFKQXkgv1P6h5D7R4kjmHHLkHqfwDT9RcGFgBG3xg4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876309e92fef56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sappi.com&size=32 | 142.250.74.100 | | 452 B |
URL t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sappi.com&size=32 IP142.250.74.100:0
File typePNG image data, 32 x 32, 8-bit colormap, non-interlaced Hash158ed7aab914495775800fe376b8b6e4 9fd0f3eaf5a6616cedb7bc07598b41bb949a2e4b 8c17bd208fc6502fad020379fac09e0528e61d3762d0935a2224efe4f381bba8
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sappi.com&size=32 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://cdn-s3.sappi.com/s3fs-public/Sappi_0.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 07:46:00 GMT
expires: Thu, 25 Apr 2024 07:46:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 19 Jun 2019 17:51:38 GMT
content-type: image/png
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sappi.com&size=64 | 142.250.74.68 | | 706 B |
URL t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sappi.com&size=64 IP142.250.74.68:0
File typePNG image data, 64 x 64, 8-bit colormap, non-interlaced Hashbf0d0c6570dbb994cebc8abbe4a83441 8020cda63949fa3fec563338f0f8fc47cd096a84 5a2b5c69def6b9379ec564628eb9bb480168ecfe0301ca5a00817f7e3efc76f3
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sappi.com&size=64 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://cdn-s3.sappi.com/s3fs-public/Sappi_0.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 706
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 07:46:00 GMT
expires: Thu, 25 Apr 2024 07:46:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 19 Jun 2019 17:51:38 GMT
content-type: image/png
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/playfairdisplay/v37/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 | 142.250.74.99 | 200 OK | 22 kB |
URL GET HTTP/2fonts.gstatic.com/s/playfairdisplay/v37/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 IP142.250.74.99:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m#deb.hackett@sappi.com CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 21904, version 1.0 Hash27b2f94167bce460f3e669c52be7301e de5636d6096f5a29f0764aa563c54f157b1f9de9 51c8eae79bf05bbcc1811da8cb56ff69d87d40bafdce8282fea8a43259b4afcb
GET /s/playfairdisplay/v37/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudflare-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:00:14 GMT
expires: Fri, 18 Apr 2025 03:00:14 GMT
cache-control: public, max-age=31536000
age: 17150
last-modified: Wed, 31 Jan 2024 23:15:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m | 104.17.96.13 | 200 OK | 303 kB |
URL User Request GET HTTP/2cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m IP104.17.96.13:443
CertificateIssuerLet's Encrypt Subjectcloudflare-ipfs.com Fingerprint18:E5:C9:71:96:8A:A9:48:E2:79:2A:29:91:D2:4E:46:90:B7:5D:9F ValiditySun, 25 Feb 2024 02:55:05 GMT - Sat, 25 May 2024 02:55:04 GMT
Size303 kB (303444 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft Outlook | | PhishTank | phishing | Other |
GET /ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weareracist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:46:01 GMT
content-type: text/html
cf-ray: 876309e2aedf56c0-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 48222
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: hit
x-ipfs-path: /ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m
x-ipfs-roots: bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m
set-cookie: __cf_bm=x56L.gaqquE0uEJHjrhd_IvO.CpG0VqmFzdvjcFjOc4-1713426361-1.0.1.1-SzNkrdKNzpYLgiRy3jH.2fN7j_U9LQ1ZqIatgDeZPTR6a9TapQb3o7_u6QXLc9OGlJP71.sNFLUgNRMBitDXSw; path=/; expires=Thu, 18-Apr-24 08:16:01 GMT; domain=.cloudflare-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-brands-400.woff2 | 104.17.25.14 | 200 OK | 110 kB |
URL GET HTTP/3cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-brands-400.woff2 IP104.17.25.14:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m#deb.hackett@sappi.com CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 109808, version 772.1280 Size110 kB (109808 bytes) Hash005c9aa92b564b73b7582cc4f1fa49cb 373361ed756b1fe68ce2f5968d467826b6973bb5 faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1
GET /ajax/libs/font-awesome/6.4.2/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudflare-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 07:46:02 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 109808
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "64cac444-1acf0"
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 466154
expires: Tue, 08 Apr 2025 07:46:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SVoOV8ljhtO5AugP%2B%2FXeaNN7knTt%2FE65Ppnpsclns2WjfRMdjrLdwgblWkYkYq%2FajdZNY8qjXMbJ39kms1hUDHGj06qQxGsu81zXcc5KKEkbgATKG5o5p2ct5p2Y8l0GgHB0ahuo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876309eedb33b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Ubuntu+Mono | 142.250.74.106 | 200 OK | 1.9 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Ubuntu+Mono IP142.250.74.106:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m#deb.hackett@sappi.com CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (1938), with no line terminators Hash49099c0c24729e98df44c3aba879ca98 ea666032fb3869d736cdd50039ba5604606754f2 86204584dba18073c507f3c08f643364e80e4d0a1842348fcfc4cca25143ce71
GET /css?family=Ubuntu+Mono HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 07:46:01 GMT
date: Thu, 18 Apr 2024 07:46:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| egensession.com/n.php?getemailinfo=deb.hackett@sappi.com&linkbox=nicholaski&url=https://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m | 188.114.96.1 | 200 OK | 1.4 kB |
URL GET HTTP/2egensession.com/n.php?getemailinfo=deb.hackett@sappi.com&linkbox=nicholaski&url=https://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m IP188.114.96.1:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m#deb.hackett@sappi.com CertificateIssuerGoogle Trust Services LLC Subjectegensession.com FingerprintDA:92:ED:40:FF:16:EA:C4:47:1F:A5:C4:AA:CB:3D:C8:B3:70:10:A0 ValidityTue, 19 Mar 2024 07:18:47 GMT - Mon, 17 Jun 2024 07:18:46 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (1517), with no line terminators Hash99f3ed3b330e8abfe88ce2595895984b cd02c723a77b997d8829b0b0e507a5b0b76c9404 1a3b6b6f8ad66c867d548c4d956ac7c42fe3f0738893a646bcdd5040f1d1a3d6
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /n.php?getemailinfo=deb.hackett@sappi.com&linkbox=nicholaski&url=https://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m HTTP/1.1
Host: egensession.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudflare-ipfs.com/
Origin: https://cloudflare-ipfs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:46:02 GMT
content-type: application/json; charset=utf-8
x-powered-by: PHP/8.0.30
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, X-Request-With
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pyOLKRgwXs4eWW3kOjeuQX0lCBH4kWioCSAJfft%2FshLUHF2Vayqo3sjDo0DL6FyBZUCKC4JWFB79MsXd8kUYxir4jBFKQXkgv1P6h5D7R4kjmHHLkHqfwDT9RcGFgBG3xg4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876309e92fef56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sappi.com&size=64 | 142.250.74.68 | 200 OK | 706 B |
URL GET HTTP/2t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sappi.com&size=64 IP142.250.74.68:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m#deb.hackett@sappi.com CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 64 x 64, 8-bit colormap, non-interlaced Hashbf0d0c6570dbb994cebc8abbe4a83441 8020cda63949fa3fec563338f0f8fc47cd096a84 5a2b5c69def6b9379ec564628eb9bb480168ecfe0301ca5a00817f7e3efc76f3
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sappi.com&size=64 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://cdn-s3.sappi.com/s3fs-public/Sappi_0.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 706
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 07:46:00 GMT
expires: Thu, 25 Apr 2024 07:46:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 19 Jun 2019 17:51:38 GMT
content-type: image/png
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Fjalla+One&family=Josefin+Slab:ital,wght@1,100&family=Playfair+Display:ital,wght@0,400;1,900&family=Sofia+Sans+Extra+Condensed:ital,wght@0,1;0,100;0,200;0,300;1,100;1,200&display=swap | 142.250.74.106 | 200 OK | 17 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Fjalla+One&family=Josefin+Slab:ital,wght@1,100&family=Playfair+Display:ital,wght@0,400;1,900&family=Sofia+Sans+Extra+Condensed:ital,wght@0,1;0,100;0,200;0,300;1,100;1,200&display=swap IP142.250.74.106:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m#deb.hackett@sappi.com CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash1879f33c235559424ade6030e8ba60d8 20a2c261087d1338733c674ecc14e6802fe8b11f a264702250513e6c672a45a8a85eafc70c9016671a3bb54931115d105be626e3
GET /css2?family=Fjalla+One&family=Josefin+Slab:ital,wght@1,100&family=Playfair+Display:ital,wght@0,400;1,900&family=Sofia+Sans+Extra+Condensed:ital,wght@0,1;0,100;0,200;0,300;1,100;1,200&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 07:46:01 GMT
date: Thu, 18 Apr 2024 07:46:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sappi.com&size=32 | 142.250.74.100 | 200 OK | 452 B |
URL GET HTTP/2t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sappi.com&size=32 IP142.250.74.100:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m#deb.hackett@sappi.com CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 32 x 32, 8-bit colormap, non-interlaced Hash158ed7aab914495775800fe376b8b6e4 9fd0f3eaf5a6616cedb7bc07598b41bb949a2e4b 8c17bd208fc6502fad020379fac09e0528e61d3762d0935a2224efe4f381bba8
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sappi.com&size=32 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://cdn-s3.sappi.com/s3fs-public/Sappi_0.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 07:46:00 GMT
expires: Thu, 25 Apr 2024 07:46:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 19 Jun 2019 17:51:38 GMT
content-type: image/png
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sappi.com&size=64 | 142.250.74.68 | 200 OK | 706 B |
URL GET HTTP/2t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sappi.com&size=64 IP142.250.74.68:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafybeihmfbcrj23fhwzt7pxguz6qcgf5zps5lffb725rcqnnr3ut76ky5m#deb.hackett@sappi.com CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 64 x 64, 8-bit colormap, non-interlaced Hashbf0d0c6570dbb994cebc8abbe4a83441 8020cda63949fa3fec563338f0f8fc47cd096a84 5a2b5c69def6b9379ec564628eb9bb480168ecfe0301ca5a00817f7e3efc76f3
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sappi.com&size=64 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://cdn-s3.sappi.com/s3fs-public/Sappi_0.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 706
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 07:46:00 GMT
expires: Thu, 25 Apr 2024 07:46:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 19 Jun 2019 17:51:38 GMT
content-type: image/png
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
0.0.0.0