wegbrsedawaerdthny6j5reh4r567kmyntfdbserhdfbse4rhj5tdnrd5j11.s3.us-east-1.amazonaws.com/2wafefsfessfseh.html?ups.ilevasseur@nouveaumonde.ca.1ZE7461384268403482
200 OK 264 B URL HTTP/1.1 wegbrsedawaerdthny6j5reh4r567kmyntfdbserhdfbse4rhj5tdnrd5j11.s3.us-east-1.amazonaws.com/2wafefsfessfseh.html?ups.ilevasseur@nouveaumonde.ca.1ZE7461384268403482
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 99696d61b5e61ef2cebe2addf843ff09
962bce14acd41496a2f288d4c7ebf732c78f177d
0387adb62c83b8371b812d2e2043052962d73d80ffbc174ed9bee65ea07ad258
GET /2wafefsfessfseh.html?ups.ilevasseur@nouveaumonde.ca.1ZE7461384268403482 HTTP/1.1
Host: wegbrsedawaerdthny6j5reh4r567kmyntfdbserhdfbse4rhj5tdnrd5j11.s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
x-amz-id-2: MpQI71+0jCNLITf4ExXaECUkMdzN86GPfzti+Pr9yBkvaQSc0D4K/bBycCuK9pcwU2+tMeY1odk=
x-amz-request-id: 16J6Z25E0T5VFGDV
Date: Thu, 23 Mar 2023 11:00:42 GMT
Last-Modified: Wed, 22 Mar 2023 08:00:37 GMT
ETag: "99696d61b5e61ef2cebe2addf843ff09"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 0387adb62c83b8371b812d2e2043052962d73d80ffbc174ed9bee65ea07ad258
x-amz-meta-s3b-last-modified: 20230321T221017Z
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Length: 264
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9522
Expires: Thu, 23 Mar 2023 13:39:24 GMT
Date: Thu, 23 Mar 2023 11:00:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3872
Expires: Thu, 23 Mar 2023 12:05:14 GMT
Date: Thu, 23 Mar 2023 11:00:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 10:15:05 GMT
content-type: application/json
age: 2737
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4645
Expires: Thu, 23 Mar 2023 12:18:07 GMT
Date: Thu, 23 Mar 2023 11:00:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zKXPJl60t2Qkgft5P+24AplJh6HSufJFJkvpPp2sGq1ntf76wNsFnWymPcSHuY6mH+wMJUuRIwM=
x-amz-request-id: 6GQAFJR9Q1MXK6RA
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 10:54:01 GMT
age: 401
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 11:00:42 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
wegbrsedawaerdthny6j5reh4r567kmyntfdbserhdfbse4rhj5tdnrd5j11.s3.us-east-1.amazonaws.com/favicon.ico
404 Not Found 282 B URL HTTP/1.1 wegbrsedawaerdthny6j5reh4r567kmyntfdbserhdfbse4rhj5tdnrd5j11.s3.us-east-1.amazonaws.com/favicon.ico
IP
File type XML 1.0 document text\012- XML document, ASCII text
Hash 522da5aa15e1e3fc33360c3344dd1f2d
ab9960f88fc78c4fa98a7bf4696aa7a09dd0bd42
cfa289f458f2c895259e5ca5b62fbad76862e89fcf8213806d0b4090f2db5fe1
GET /favicon.ico HTTP/1.1
Host: wegbrsedawaerdthny6j5reh4r567kmyntfdbserhdfbse4rhj5tdnrd5j11.s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wegbrsedawaerdthny6j5reh4r567kmyntfdbserhdfbse4rhj5tdnrd5j11.s3.us-east-1.amazonaws.com/2wafefsfessfseh.html?ups.ilevasseur@nouveaumonde.ca.1ZE7461384268403482
HTTP/1.1 404 Not Found
x-amz-request-id: 2A6VX1293B4GMZ86
x-amz-id-2: cv1rMorkOYDSZ3F/b3JbIcMKoF84tdO+TcWv2SF4TbY6QQDJ5MMWU41iZ5GbPnXOTHXBu4NxRdQ=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Thu, 23 Mar 2023 11:00:42 GMT
Server: AmazonS3
pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page
301 Moved Permanently 311 B URL HTTP/2 pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f679fe060b6b5613d9f1e0122d63aac3
37cba85c9aa16aff238f1f2812f83dcca5ec2d9e
d22a7fde8adebee91280dc6b0789ab887f12ad9527e0c8f3b1cbd9dd9f676c22
GET /wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page HTTP/1.1
Host: pacequitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wegbrsedawaerdthny6j5reh4r567kmyntfdbserhdfbse4rhj5tdnrd5j11.s3.us-east-1.amazonaws.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
location: https://pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/
content-length: 311
content-type: text/html; charset=iso-8859-1
date: Thu, 23 Mar 2023 11:00:42 GMT
server: Apache
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 10:17:23 GMT
age: 2599
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/
302 Found 0 B URL HTTP/2 pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - UPS
urlquery phishing Phishing - UPS
GET /wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/ HTTP/1.1
Host: pacequitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://wegbrsedawaerdthny6j5reh4r567kmyntfdbserhdfbse4rhj5tdnrd5j11.s3.us-east-1.amazonaws.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
x-powered-by: PHP/7.4.33
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
location: tracking.php
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 23 Mar 2023 11:00:42 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4829
Expires: Thu, 23 Mar 2023 12:21:11 GMT
Date: Thu, 23 Mar 2023 11:00:42 GMT
Connection: keep-alive
pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking.php
200 OK 3.9 kB URL HTTP/2 pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking.php
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2042), with CRLF line terminators
Hash c74d231bb51359533e879ae89d6fd3b9
6482c0f853c56402be038feebb9318a12eab3b76
6c48628baaf814bd0b0e529706ae95b7afb84c1c21bca21d0ff8594fc932e835
GET /wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking.php HTTP/1.1
Host: pacequitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://wegbrsedawaerdthny6j5reh4r567kmyntfdbserhdfbse4rhj5tdnrd5j11.s3.us-east-1.amazonaws.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
content-length: 3911
content-type: text/html; charset=UTF-8
date: Thu, 23 Mar 2023 11:00:42 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 11:00:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP
File type ASCII text, with very long lines (22967)
Hash f7bf2121608909b56672e6398ac2335c
864ef3bac46b08ab6609fad23f00d5f09815647d
b9d3a8600d9b6edf9c71b793c42782282ecfb01e2026e0128608b949e91e152c
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pacequitravel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 10:19:28 GMT
expires: Thu, 23 Mar 2023 11:19:28 GMT
cache-control: public, max-age=3600
age: 2475
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/logo2.png
200 OK 1.9 kB URL HTTP/2 pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/logo2.png
IP
File type PNG image data, 99 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 319ef9a184352dff645777e31b10fa27
403a1197c0450d4b96cf32a10fe05e8181d8e2c5
4992b644a99871bbeab3993db45ae7f2dffd29d219a2df5142dc3c5ff70a948f
Analyzer Verdict Alert urlquery phishing Phishing - UPS
urlquery phishing Phishing - UPS
GET /wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/logo2.png HTTP/1.1
Host: pacequitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Mon, 04 Jul 2022 01:38:14 GMT
etag: "1629767-761-5e2f0ca15ad80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 1912
content-type: image/png
date: Thu, 23 Mar 2023 11:00:43 GMT
server: Apache
X-Firefox-Spdy: h2
pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/s02.png
200 OK 1.6 kB URL HTTP/2 pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/s02.png
IP
File type PNG image data, 283 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 2ba33c1c7577cfaa4c3c062680196f38
c04874308815dccf6d166221e5852eb58a1f0f87
9d210dad0c81c451f7ef9e3b3fbf75a1eb3ff9426c1a1c35388cabd631f94799
GET /wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/s02.png HTTP/1.1
Host: pacequitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Mon, 04 Jul 2022 01:41:50 GMT
etag: "1629778-62f-5e2f0d6f59380-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 1606
content-type: image/png
date: Thu, 23 Mar 2023 11:00:43 GMT
server: Apache
X-Firefox-Spdy: h2
pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/s01.png
200 OK 1.9 kB URL HTTP/2 pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/s01.png
IP
File type PNG image data, 292 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ac48610a20ed760d459c7e65402f1b9
6a70747e48ed2d28c7c5ac6cb0338b49a8d6a4ae
eea8cec30918b23de0e16edcc8bfcf67c8c3d5a52bf2a532b7f8e8d63ef1e231
GET /wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/s01.png HTTP/1.1
Host: pacequitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Mon, 04 Jul 2022 01:40:26 GMT
etag: "1629769-778-5e2f0d1f3d680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 1935
content-type: image/png
date: Thu, 23 Mar 2023 11:00:43 GMT
server: Apache
X-Firefox-Spdy: h2
pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/prepare_active.svg
200 OK 1.8 kB URL HTTP/2 pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/prepare_active.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4e764ffa4c251826263ca839a73c9a05
69ddf2bd5acc4c956a1f8c4516c2f681b8f0e1a6
899d5ed197500c7e8c51e7b7bbce3854f849c013894de0ddee8e2b943522c48c
Analyzer Verdict Alert urlquery phishing Phishing - UPS
urlquery phishing Phishing - UPS
GET /wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/prepare_active.svg HTTP/1.1
Host: pacequitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 17:00:26 GMT
etag: "1629768-715-5e106c2189e80"
accept-ranges: bytes
content-length: 1813
content-type: image/svg+xml
date: Thu, 23 Mar 2023 11:00:43 GMT
server: Apache
X-Firefox-Spdy: h2
pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/jos.png
200 OK 1.6 kB URL HTTP/2 pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/jos.png
IP
File type PNG image data, 211 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash 274618a654defa096d623e842aea8c9f
197d25b28e559caaaf84ce52ae4208896626001f
732d411060fa868e0a8c128ad8fae13652e42fad8bbcef36650cee93c6742506
GET /wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/jos.png HTTP/1.1
Host: pacequitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Mon, 04 Jul 2022 01:44:02 GMT
etag: "162976b-622-5e2f0ded3bc80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 1593
content-type: image/png
date: Thu, 23 Mar 2023 11:00:43 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 11:00:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: km3MAAiUXN11TxGGWzXyMQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: liN5p4MdsHk4RwZS9r6xm76xKbk=
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 11:00:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pacequitravel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 09:25:42 GMT
expires: Fri, 22 Mar 2024 09:25:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 5701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 11:00:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/styles.d030702f49bd6d6a9088.css
200 OK 38 kB URL HTTP/2 pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/styles.d030702f49bd6d6a9088.css
IP
File type ASCII text, with very long lines (409), with CRLF line terminators
Hash f78b80e440c68f126218937f15de2162
54427605aff5fb271a7a438f6a625f3c16abc088
a5efbaf541ab03d4d25c296baf42890838bba8cf822794e45a54d4251783b84d
Analyzer Verdict Alert urlquery phishing Phishing - UPS
urlquery phishing Phishing - UPS
GET /wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/styles.d030702f49bd6d6a9088.css HTTP/1.1
Host: pacequitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Sat, 25 Jun 2022 07:12:40 GMT
etag: "162976c-3f10f-5e240698a2a00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 37541
content-type: text/css
date: Thu, 23 Mar 2023 11:00:43 GMT
server: Apache
X-Firefox-Spdy: h2
pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/favicon.ico
200 OK 1.9 kB URL HTTP/2 pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/favicon.ico
IP
File type PNG image data, 99 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 1355e697b24cfd3acc218be8b00b4249
e9727504850157142558d84ccd22ec85fc1257fb
b7c96038597070153231b0f4f19198cd96fefc22b936bdb3002dc3cd3aa1b545
Analyzer Verdict Alert urlquery phishing Phishing - UPS
urlquery phishing Phishing - UPS
GET /wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/favicon.ico HTTP/1.1
Host: pacequitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Wed, 13 Jul 2022 01:44:22 GMT
etag: "1629773-761-5e3a5ec974980"
accept-ranges: bytes
content-length: 1889
cache-control: max-age=604800, public
content-type: image/x-icon
date: Thu, 23 Mar 2023 11:00:43 GMT
server: Apache
X-Firefox-Spdy: h2
pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/Ubuntu.3f5f30c75db82d447a41.woff
200 OK 131 kB URL HTTP/2 pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/Ubuntu.3f5f30c75db82d447a41.woff
IP
File type Web Open Font Format, TrueType, length 130652, version 0.83\012- data
Size 131 kB (130652 bytes)
Hash 3f5f30c75db82d447a4128e420cc4409
e55775ec5d394cd8e0ee6a1fdf4de967ccb9aad4
86b4ddf74e754d1049a67e0891f5b91b8c73f9e0e43386f6fe9ff379c882c367
Analyzer Verdict Alert urlquery phishing Phishing - UPS
urlquery phishing Phishing - UPS
GET /wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/Ubuntu.3f5f30c75db82d447a41.woff HTTP/1.1
Host: pacequitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/styles.d030702f49bd6d6a9088.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 17:33:12 GMT
etag: "1629770-1fe5c-5e10737476600"
accept-ranges: bytes
content-length: 130652
content-type: font/woff
date: Thu, 23 Mar 2023 11:00:43 GMT
server: Apache
X-Firefox-Spdy: h2
pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/glyphicons-halflings-regular.448c34a56d699c29117a.woff2
200 OK 18 kB URL HTTP/2 pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/glyphicons-halflings-regular.448c34a56d699c29117a.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Analyzer Verdict Alert urlquery phishing Phishing - UPS
urlquery phishing Phishing - UPS
GET /wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/glyphicons-halflings-regular.448c34a56d699c29117a.woff2 HTTP/1.1
Host: pacequitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/styles.d030702f49bd6d6a9088.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 17:36:12 GMT
etag: "1629776-466c-5e1074201fb00"
accept-ranges: bytes
content-length: 18028
content-type: font/woff2
date: Thu, 23 Mar 2023 11:00:43 GMT
server: Apache
X-Firefox-Spdy: h2
pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/Ubuntu-Medium.6f623532e9e45ad985fd.woff
200 OK 120 kB URL HTTP/2 pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/Ubuntu-Medium.6f623532e9e45ad985fd.woff
IP
File type Web Open Font Format, TrueType, length 120252, version 0.83\012- data
Size 120 kB (120252 bytes)
Hash 49472412d613efd7ded4657791e9b7b6
4f8da6b194df54b60a47919ebcf4bdfbe49276ae
ba314ddb395f0f0b7d568163ee636ef4312dcaa4a1ace2163c9839189491ffe5
Analyzer Verdict Alert urlquery phishing Phishing - UPS
urlquery phishing Phishing - UPS
GET /wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/Ubuntu-Medium.6f623532e9e45ad985fd.woff HTTP/1.1
Host: pacequitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/styles.d030702f49bd6d6a9088.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 17:17:32 GMT
etag: "162976f-1d5bc-5e106ff402300"
accept-ranges: bytes
content-length: 120252
content-type: font/woff
date: Thu, 23 Mar 2023 11:00:43 GMT
server: Apache
X-Firefox-Spdy: h2
pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/Ubuntu-Regular.c1d4d43f824ea31feaba.woff
200 OK 160 kB URL HTTP/2 pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/Ubuntu-Regular.c1d4d43f824ea31feaba.woff
IP
File type Web Open Font Format, CFF, length 160460, version 0.0\012- data
Size 160 kB (160460 bytes)
Hash 031d476d2a233bfc7a108a027f6fb614
cb110a4bc539a117120cf794a3a82c8b29c54887
77866a2a2e2fd457f07074daf2a33fe25ca645b80416b4f0ad5a82776f19db1c
Analyzer Verdict Alert urlquery phishing Phishing - UPS
urlquery phishing Phishing - UPS
GET /wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/Ubuntu-Regular.c1d4d43f824ea31feaba.woff HTTP/1.1
Host: pacequitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/styles.d030702f49bd6d6a9088.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 17:15:24 GMT
etag: "1629771-272cc-5e106f79f0300"
accept-ranges: bytes
content-length: 160460
content-type: font/woff
date: Thu, 23 Mar 2023 11:00:43 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10755
Expires: Thu, 23 Mar 2023 13:59:59 GMT
Date: Thu, 23 Mar 2023 11:00:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10755
Expires: Thu, 23 Mar 2023 13:59:59 GMT
Date: Thu, 23 Mar 2023 11:00:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10755
Expires: Thu, 23 Mar 2023 13:59:59 GMT
Date: Thu, 23 Mar 2023 11:00:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10755
Expires: Thu, 23 Mar 2023 13:59:59 GMT
Date: Thu, 23 Mar 2023 11:00:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10755
Expires: Thu, 23 Mar 2023 13:59:59 GMT
Date: Thu, 23 Mar 2023 11:00:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 800c2662fd6ab8829a02b7d63084c38d
0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239
76545e9f75dc558fdb7b54550934c7775318fb4150a9309f60e65d982d2e576e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5950
x-amzn-requestid: ce85112e-428d-4ca1-9dac-1d6c8c6dc74a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CKyF9EI3oAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a96f2-05c5948d6f74948b1c67d68c;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 05:49:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tu0ENc_6tfykYc23nLfwYEMsi5HIfaDWF6dvzVTfX5rfjr3JrmMrCA==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:02:44 GMT
age: 57605
etag: "0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/chevron-right.df09c3e8cf1fd04c4a2f.png
404 Not Found 5.9 kB URL HTTP/2 pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/chevron-right.df09c3e8cf1fd04c4a2f.png
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash a339004c2b4917d4b2466e7beb950390
219767b7e33dafd30803779bf6efebd7f8d1306e
7a7ead6d355159d68c5edd72b794ff2b78caa63c91c8ddc4835733d3974f4f25
GET /wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/chevron-right.df09c3e8cf1fd04c4a2f.png HTTP/1.1
Host: pacequitravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pacequitravel.com/wp-includes/Requests/Transport/.www.ups.com-ca.en-track-change-delivery.page/tracking/styles.d030702f49bd6d6a9088.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://pacequitravel.com/wp-json/>; rel="https://api.w.org/"
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
content-length: 5856
content-type: text/html; charset=UTF-8
date: Thu, 23 Mar 2023 11:00:43 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: k6VaCG5oTQnKOvKJnleVqxIIc9yOgdOL0oPcL0ZSVw7DZQ8_GzFoZQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:47:43 GMT
age: 47581
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3aa18378fc5715083fb26bd0d62f382
ee683e481a4501d2ab8ca63d1426d6fab6f2b064
8aade71c4b55f6a9daab28a05a90bcc3c6c01b700aa48d2f8ccdb1992fa5ee81
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10816
x-amzn-requestid: 60a537d2-1b8a-4ae2-967c-a7e57c818cc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xY0EHqoAMFrrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6415629e-1be08f9f3a13492717fdaa48;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:02 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pFf9EtVQUyRcUOT6Aj_L88__ZyBlVX61cOmPi70WnyxxPteVUFFXEw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3f3347264bcaae7af741e2a2f692c6a0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 20:21:35 GMT
age: 52749
etag: "ee683e481a4501d2ab8ca63d1426d6fab6f2b064"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg
200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 40d24dfcd9f0afe0e4077384f16cc494
76213c7d5c759471ed3823888860f918ac7e8f13
fbbbef0498ddf14bc9b204273a3cd416c357dceed20339c3e8c64a16b0be3caf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7083
x-amzn-requestid: 52c38747-4a30-4831-87ca-7e72e5602ed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CHY_gFu8IAMFh9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64193b96-49c53b7c2e5ed4fc0217e357;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 05:07:34 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: XUrSSF8TgZSClR4MqJ0kuXGO-8KIguNmGe5lmVwzKXZO6CN0F9mimg==
via: 1.1 f3802d173009698413044360f84de06c.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:51:03 GMT
age: 47381
etag: "76213c7d5c759471ed3823888860f918ac7e8f13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f777f840a3fc7e500c57a7cbdf88f26d
3518e8a18807209e94011806a96492e0d86ee9c9
44aa32fa1bf15785a4dd8cd6184772fb268113cbf459f5f30a70ff5ca66c9e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7419
x-amzn-requestid: bc02abbe-706d-42af-b963-0163b07b87c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xbnE7OIAMFW2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641562b0-247606a3713a20d25cf83763;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:20 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: W_FZ-TYlfmS1JSvZVG4v_4Iag3ssm5J2oYgk0LBdKqv-Q0KST6FkDQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 20:21:35 GMT
age: 52749
etag: "3518e8a18807209e94011806a96492e0d86ee9c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9024651c-3847-4a12-9650-405ea99fd1b9.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9024651c-3847-4a12-9650-405ea99fd1b9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f29db357e8536a4aeccdd3df67d3205
391c43d349b943ea9af4aa6e3b6910c07370ee78
b0ee1cab104b785c33aca9f3caae8f9c1abd856af3cfe1603b2b7036727468ae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9024651c-3847-4a12-9650-405ea99fd1b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5753
x-amzn-requestid: d2538544-4f4c-4de0-a438-a48642dd0f17
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8pDGqyIAMFwRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b74a0-339c26cd16208aae5c47dc2f;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:35:28 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: k8CxAaBFdfMb2TwytWOL1Xy9SRucuMEqX_YZ3dN1-RmI3rligms_oA==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:47:51 GMT
age: 47573
etag: "391c43d349b943ea9af4aa6e3b6910c07370ee78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
52.216.204.78
23.36.76.226