Report - cors.api.paypal.com.l4j.kbnuqpz425v9xf1kiwewj2r0n.canarytokens.com/

Report Overview

Submitted URL
cors.api.paypal.com.l4j.kbnuqpz425v9xf1kiwewj2r0n.canarytokens.com/
IP
52.18.63.80
ASN
#16509 AMAZON-02
Submitted
2023-03-23 17:40:28
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cors.api.paypal.com.l4j.kbnuqpz425v9xf1kiwewj2r0n.canarytokens.com	unknown	2022-11-04T03:47:25Z	2022-11-04T03:47:27Z	398 B	353 B	52.18.63.80
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-29T05:16:53Z	402 B	4.0 kB	104.17.24.14
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	686 B	1.4 kB	142.250.74.163
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-29T07:56:22Z	450 B	42 kB	104.18.11.207
apple-resources.s3.amazonaws.com	14893	2019-06-08T05:57:43Z	2023-03-25T18:29:14Z	444 B	11 kB	52.217.201.41
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
canarytokens.org	unknown	2017-02-08T15:27:40Z	2023-03-26T07:36:54Z	13 kB	1.7 MB	52.18.63.80
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-29T10:10:07Z	393 B	34 kB	142.250.74.74
ocsp.r2m01.amazontrust.com	unknown	2022-10-12T22:43:53Z	2023-03-29T09:11:41Z	350 B	1.0 kB	54.230.80.227
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	1.0 kB	54.230.245.118
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-29T06:27:16Z	1.4 kB	15 kB	151.101.129.229
fonts.cdnfonts.com	26261	2020-06-10T11:02:17Z	2023-03-29T16:15:57Z	387 B	104 kB	104.26.15.62
tools.applemediaservices.com	11162	2020-01-10T23:07:45Z	2023-03-26T12:14:22Z	504 B	502 B	18.214.85.104
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	60 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	3.0 kB	8.0 kB	95.101.11.115
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-29T05:11:35Z	368 B	1.9 kB	104.18.21.226
v4-alpha.getbootstrap.com	732993	2015-09-05T17:03:35Z	2023-03-24T10:52:16Z	825 B	48 kB	104.22.58.100
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	54.188.105.26
getbootstrap.com	26931	2015-09-02T12:45:06Z	2023-03-29T12:56:44Z	436 B	850 B	104.22.58.100

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-23 17:40:25	high	Client IP	Internal IP	ET ATTACK_RESPONSE DNS Query for Observed CVE-2021-44228 Security Scanner Domain (canarytokens .com)
2023-03-23 17:40:25	high	Client IP	Internal IP	ET ATTACK_RESPONSE DNS Query for Observed CVE-2021-44228 Security Scanner Domain (canarytokens .com)
2023-03-23 17:40:26	high	Client IP	52.18.63.80	ETPRO POLICY Observed HTTP Request to Canary Token Service
2023-03-23 17:40:26	medium	Client IP	52.18.63.80	ET PHISHING Possible Paypal Phishing Domain Mar 14 2016

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	cdn.jsdelivr.net/jquery.tooltipster/4.1.8/js/tooltipster.bundle.min.js	40 kB	2023-03-10	2024-02-20
Pretty URL cdn.jsdelivr.net/jquery.tooltipster/4.1.8/js/tooltipster.bundle.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 01:07:30 Last Seen2024-02-20 17:31:07 Times Seen20 Hash 830e88f5171c87a38799569409a32e26 86af151d964e9beaaa4f7edb08ddbc6d5fdb8dbe abbdf664b0e1d72f7f470ccf8cab7f18e0c4de5aa3fb4efc374c3030361088f8 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.10.0/jquery.min.js	93 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.10.0/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:45 Last Seen2024-04-25 17:39:54 Times Seen448 Hash 9af32b0c4370614a502342d27e9c8954 ab60ff3c40cfdf04c850d35b8bfc928fccfda718 1e80de36726582824df3f9a7eb6ecdfe9827fc5a7c69f597b1502ebc13950ecd Loading...

	canarytokens.org/resources/perfect-scrollbar.min.js	18 kB	2023-03-07	2024-04-17
Pretty URL canarytokens.org/resources/perfect-scrollbar.min.js IP 52.18.63.80 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:10 Last Seen2024-04-17 19:27:55 Times Seen173 Hash 3d20caccc3d9adf7e0509f4390140fe4 050b4becca5865c78b48c3bb16a33339ecb33402 9b237657ba86b4f520dcbe7af367b6b566b07e66385258442fd219a80d58629e Loading...

	v4-alpha.getbootstrap.com/assets/js/ie10-viewport-bug-workaround.js	668 B	2023-03-07	2024-03-14
Pretty URL v4-alpha.getbootstrap.com/assets/js/ie10-viewport-bug-workaround.js IP 104.22.58.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:12 Last Seen2024-03-14 19:30:38 Times Seen85 Hash 56e8a7b0282409fd020be51b4995a79c 5ab3ef8b9dc31fc2790358b190bda7a96b3c02eb 98ea99e45ff5cfd752359c2e005a8d62483e9454550e150fa0e1636b6909a16a Loading...

	canarytokens.org/resources/site.js	110 B	2023-03-10	2024-02-20
Pretty URL canarytokens.org/resources/site.js IP 52.18.63.80 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 01:07:30 Last Seen2024-02-20 17:31:07 Times Seen20 Hash 624a61b5a86da030584de2cb83c97f84 5d7cf94815d88ddec2755fe886e9e1b2b4c69da9 0150991190fb669a91d9a844affaf1724869206048fa0dcdb729e1b520530e54 Loading...

	canarytokens.org/generate	31 kB	2023-03-25	2023-07-17
Pretty URL canarytokens.org/generate IP 52.18.63.80 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:21:13 Last Seen2023-07-17 09:20:30 Times Seen7 Hash bfa44c4e186fd2ca42b7c520442e69a7 00b9060cb5107e81284b03f407fd4faca2610c67 5a5a3590f3e3ca89f74dc1fec1691b7496038fa0bb1cc62d8f1bb384ad592a3f Loading...

	cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.6.0/clipboard.min.js	11 kB	2023-03-10	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.6.0/clipboard.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 01:07:30 Last Seen2024-04-25 14:04:58 Times Seen94 Hash d3d323fd9a370c90e83427d50f383a63 955c117a36f8b4f7ace2dfe73f246be007bf5d29 74511bfa45ec3a55c3154e1af7e1307c713ccf58542611064d46f7ce48726d83 Loading...

HTTP Transactions (69)

URL IP Response Size

cors.api.paypal.com.l4j.kbnuqpz425v9xf1kiwewj2r0n.canarytokens.com/

52.18.63.80

301 Moved Permanently

162 B

URL HTTP/1.1
cors.api.paypal.com.l4j.kbnuqpz425v9xf1kiwewj2r0n.canarytokens.com/
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

NIDS	Severity	Alert
suricata	high	ETPRO POLICY Observed HTTP Request to Canary Token Service
suricata	medium	ET PHISHING Possible Paypal Phishing Domain Mar 14 2016

HTTP Headers

GET / HTTP/1.1
Host: cors.api.paypal.com.l4j.kbnuqpz425v9xf1kiwewj2r0n.canarytokens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 23 Mar 2023 17:40:17 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://canarytokens.org/

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5393
Expires: Thu, 23 Mar 2023 19:10:10 GMT
Date: Thu, 23 Mar 2023 17:40:17 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
210a2a42cfc4f4aced144f5de9babcc6
ece6ecfb2db8d036c3bfc7f02f8ea387e3f965db
59553a312d3fb34f1f0aea469f7e7cc810ff9993481ddbd73ea5d461cf97ed51

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59553A312D3FB34F1F0AEA469F7E7CC810FF9993481DDBD73EA5D461CF97ED51"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5784
Expires: Thu, 23 Mar 2023 19:16:41 GMT
Date: Thu, 23 Mar 2023 17:40:17 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 17:15:07 GMT
content-type: application/json
age: 1510
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4632
Expires: Thu, 23 Mar 2023 18:57:29 GMT
Date: Thu, 23 Mar 2023 17:40:17 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: hY4zGse2K/9g4PdvBoF0nYURlYaSNHFaf/Wp3B4z/4RDsmlfhDRendfkPatunZ58YmcINo4gVaA=
x-amz-request-id: YCVA3ZVDHBY68ZMD
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 17:00:02 GMT
age: 2415
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 17:40:17 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cf20f5e00e70e97414b1a5c8f6f36946
b0859bcdd32ff1d8e52e59a455b4dd91676f9823
796988256984a0e5b5ff8135b8733b3fdd11670660e86ecb4191b149b9666aa8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "796988256984A0E5B5FF8135B8733B3FDD11670660E86ECB4191B149B9666AA8"
Last-Modified: Wed, 22 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7795
Expires: Thu, 23 Mar 2023 19:50:13 GMT
Date: Thu, 23 Mar 2023 17:40:18 GMT
Connection: keep-alive

canarytokens.org/

52.18.63.80

302 Found

194 B

URL HTTP/1.1
canarytokens.org/
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
194 B (194 bytes)
Hash
c9ee7bc0ba8f2151f374ed86bb21c000
177937402d78f65531f814f30308b49267940bc8
e95ee2ee70ca3070726fcda3c6619ae8f0dc437c368b75c87772e297d1d1a60b

HTTP Headers

GET / HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 194
Connection: keep-alive
Location: generate

canarytokens.org/generate

52.18.63.80

200 OK

20 kB

URL HTTP/1.1
canarytokens.org/generate
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (355)
Size
20 kB (20018 bytes)
Hash
2bc916268e9f7a4ae2b607f62ed37dbc
1d728277a2e2f0ee6d1d10d07e92882e3be21b5f
d5f9d80612f3c93f526a3ca7e9945969d3aaf9073459015b9b5c65501747d404

HTTP Headers

GET /generate HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 17:14:33 GMT
age: 1545
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

canarytokens.org/resources/perfect-scrollbar.css

52.18.63.80

200 OK

676 B

URL HTTP/1.1
canarytokens.org/resources/perfect-scrollbar.css
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
troff or preprocessor input, ASCII text
Size
676 B (676 bytes)
Hash
631db58ad7b44e8d7c83e509dd21ffe4
7e335935b46964f334effd80ed120a1febb1583b
672d41e4e73142e1d226e14d3324aa55860521760801dad7a7b2bb19d0b6b5d1

HTTP Headers

GET /resources/perfect-scrollbar.css HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/generate
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT
Content-Encoding: gzip

cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.6.0/clipboard.min.js

104.17.24.14

200 OK

3.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.6.0/clipboard.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (10471)
Size
3.0 kB (2971 bytes)
Hash
6ff421e07461e358546f892b1096cfee
f6088693a7e4d439331cca3ffa7c5780475a7682
5e2be23f69c9ba8db0ce2eb68d825f9c7e842aeb605a09e6248a4b7a488c979a

HTTP Headers

GET /ajax/libs/clipboard.js/1.6.0/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:40:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 2971
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e29-2953"
last-modified: Mon, 04 May 2020 16:09:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 580485
expires: Tue, 12 Mar 2024 17:40:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeF3Y33HCz%2F4szq6X9WjKAFmSJuOChbQfAismmHVE6hMcNMO%2BOZwkhhCShKPpagpXW2CE01JxMDgGgCoXunsHwt5pMNrp1VPqnOXR9iGA07y3NG77juaNY%2BmIaKLNl1pJn4ey%2FEL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ac8756ef819b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

canarytokens.org/resources/site.js

52.18.63.80

200 OK

110 B

URL HTTP/1.1
canarytokens.org/resources/site.js
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
110 B (110 bytes)
Hash
624a61b5a86da030584de2cb83c97f84
5d7cf94815d88ddec2755fe886e9e1b2b4c69da9
0150991190fb669a91d9a844affaf1724869206048fa0dcdb729e1b520530e54

HTTP Headers

GET /resources/site.js HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/generate
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: application/javascript
Content-Length: 110
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

cdn.jsdelivr.net/jquery.tooltipster/4.1.8/js/tooltipster.bundle.min.js

151.101.129.229

200 OK

11 kB

URL HTTP/2
cdn.jsdelivr.net/jquery.tooltipster/4.1.8/js/tooltipster.bundle.min.js
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32029)
Size
11 kB (10953 bytes)
Hash
b8b87c70b80eee43d01336fa22e5dae6
d2a21cd034a260c210ffc11f60957f9db8bfd076
1f74cd3f3386ca7011c3581fce10e901df5505eeacc3f65d2d04de4af7c6d4e2

HTTP Headers

GET /jquery.tooltipster/4.1.8/js/tooltipster.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://canarytokens.org
Connection: keep-alive
Referer: https://canarytokens.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"9bc1-hq8VHZZOm+qqT37bCN28bV/bjb4"
content-encoding: br
accept-ranges: bytes
date: Thu, 23 Mar 2023 17:40:18 GMT
age: 707962
x-served-by: cache-fra-eddf8230064-FRA, cache-bma1661-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10953
X-Firefox-Spdy: h2

cdn.jsdelivr.net/jquery.tooltipster/4.1.8/css/plugins/tooltipster/sideTip/themes/tooltipster-sideTip-borderless.min.css

151.101.129.229

200 OK

320 B

URL HTTP/2
cdn.jsdelivr.net/jquery.tooltipster/4.1.8/css/plugins/tooltipster/sideTip/themes/tooltipster-sideTip-borderless.min.css
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (1806), with no line terminators
Size
320 B (320 bytes)
Hash
aa36205e569cc94c15f4970abb394673
31e32e1829ce023229a2387d60faa60cb4e66ab2
65afd508958d08819826f09e697226451959e6f993a4584e246932f3e3a7138c

HTTP Headers

GET /jquery.tooltipster/4.1.8/css/plugins/tooltipster/sideTip/themes/tooltipster-sideTip-borderless.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://canarytokens.org
Connection: keep-alive
Referer: https://canarytokens.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
etag: W/"70e-MvH7VnMl4snSUtR5l6XNsxU9RYI"
content-encoding: br
accept-ranges: bytes
date: Thu, 23 Mar 2023 17:40:18 GMT
age: 707965
x-served-by: cache-fra-eddf8230135-FRA, cache-bma1661-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 320
X-Firefox-Spdy: h2

cdn.jsdelivr.net/jquery.tooltipster/4.1.8/css/tooltipster.bundle.min.css

151.101.129.229

200 OK

1.2 kB

URL HTTP/2
cdn.jsdelivr.net/jquery.tooltipster/4.1.8/css/tooltipster.bundle.min.css
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (6495), with no line terminators
Size
1.2 kB (1160 bytes)
Hash
53113db71878d118875e4afe118339af
b84e624317dfd3361104049f2faa8a94c1a59b8e
dc1d6eb7de0b451420c796e6b1589d3e7af89314806b9684a8b107ddb33f5c15

HTTP Headers

GET /jquery.tooltipster/4.1.8/css/tooltipster.bundle.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://canarytokens.org
Connection: keep-alive
Referer: https://canarytokens.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
etag: W/"195f-Y5EBA+jMXkvessKJz79B+Jlm6ls"
content-encoding: br
accept-ranges: bytes
date: Thu, 23 Mar 2023 17:40:18 GMT
age: 707916
x-served-by: cache-fra-eddf8230068-FRA, cache-bma1661-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1160
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
18b877ebbad1529e4bd91e12220d91c4
a3d64fb3d9cc1fe3a29b261c4ec9acfe134dfedc
7001d3ef847c7002ac15155f0dfcc0a369f19860e85c8e90530f1e7b2dd88f09

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7001D3EF847C7002AC15155F0DFCC0A369F19860E85C8E90530F1E7B2DD88F09"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6567
Expires: Thu, 23 Mar 2023 19:29:45 GMT
Date: Thu, 23 Mar 2023 17:40:18 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1d54d3c84e73cd1f00a835aa7616c399
e869898915967fb645a7ae3bd711a831329cc792
9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 17:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
f199c99774e3ed363e4a099c8191551f
dd5ded6123bfa86b2531bf305a407c472c60efd0
8233ad701fa38118bb5b3c1afbdc308f9b0de980e66dd212ec2adb7fddf12705

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "90B69BAF053A1D1EC014B2BA54B6C832521FA4A4"
Expires: Fri, 24 Mar 2023 04:00:00 GMT
Last-Modified: Thu, 23 Mar 2023 16:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1442
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac8756f8fedb50b-OSL

ajax.googleapis.com/ajax/libs/jquery/1.10.0/jquery.min.js

142.250.74.74

200 OK

33 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.10.0/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32099)
Size
33 kB (32964 bytes)
Hash
3469579c43507b5024c3a02818a339ef
c0bfa243ac56b2bb5e2f2d89a18320d68bd87e33
1ae52784fa308e6c1cd71a7ae8f3b9a2ce27f3e0801a734a6b108ff38a717d56

HTTP Headers

GET /ajax/libs/jquery/1.10.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:14 GMT
expires: Thu, 21 Mar 2024 18:05:14 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 84904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

canarytokens.org/resources/perfect-scrollbar.min.js

52.18.63.80

200 OK

18 kB

URL HTTP/1.1
canarytokens.org/resources/perfect-scrollbar.min.js
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (17959)
Size
18 kB (18034 bytes)
Hash
3d20caccc3d9adf7e0509f4390140fe4
050b4becca5865c78b48c3bb16a33339ecb33402
9b237657ba86b4f520dcbe7af367b6b566b07e66385258442fd219a80d58629e

HTTP Headers

GET /resources/perfect-scrollbar.min.js HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/generate
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: application/javascript
Content-Length: 18034
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/styles.min.css?ver=9

52.18.63.80

200 OK

4.4 kB

URL HTTP/1.1
canarytokens.org/resources/styles.min.css?ver=9
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (16630)
Size
4.4 kB (4432 bytes)
Hash
558d8b3649a23e3640d9459b887f9391
e00c11d36d0f690c908990dd148ca72e07510f0f
10fbbd774d0eaef3350b0eaf3e84c67d0d36888c604949077817aa2c638ad5fc

HTTP Headers

GET /resources/styles.min.css?ver=9 HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/generate
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 17:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

canarytokens.org/resources/clippy.svg

52.18.63.80

200 OK

519 B

URL HTTP/1.1
canarytokens.org/resources/clippy.svg
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (444)
Size
519 B (519 bytes)
Hash
c6b234719965cc10df0f8d12c1f438dd
386f533083a450bb34f87dab852e495195a7fddb
686d81e030899b477865d67a01fe34e83d8e68aa8da91a59205ad3e901a3ec71

HTTP Headers

GET /resources/clippy.svg HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/generate
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/svg+xml
Content-Length: 519
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/download.svg

52.18.63.80

200 OK

527 B

URL HTTP/1.1
canarytokens.org/resources/download.svg
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (457)
Size
527 B (527 bytes)
Hash
2ba31b1e9f44c68324f12bde4b265dab
61d941bb02f0545a8ab399e64a2ac1bd1197c593
3c686f514bb3c4dac1156abab4a23b52e77e876136be4b8d32f8a7d21d91ab5b

HTTP Headers

GET /resources/download.svg HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/generate
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/svg+xml
Content-Length: 527
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/web.png

52.18.63.80

200 OK

4.3 kB

URL HTTP/1.1
canarytokens.org/resources/web.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4256 bytes)
Hash
3a5c829202bde7d5cc556e41c36058df
668d487b52b11db2638f87bd6a65d7d53b9cca7e
a1be21a909c51bcbb9fd6861e23d93055e4a6ce8ce39c216ca93c5df9e3bfb30

HTTP Headers

GET /resources/web.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 4256
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/logo.png

52.18.63.80

200 OK

63 kB

URL HTTP/1.1
canarytokens.org/resources/logo.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1648 x 278, 8-bit/color RGBA, non-interlaced\012- data
Size
63 kB (62594 bytes)
Hash
5fc2db5f8d5d41a3bdc65bca0e4e46d0
e4c10cb70069bcfb0180646469b1f2d556a055e6
9f74994336912ed02678f3275cda84946aee97fd47dd934d3247dc7e1cc7a1e1

HTTP Headers

GET /resources/logo.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/generate
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 62594
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/dns.png

52.18.63.80

200 OK

36 kB

URL HTTP/1.1
canarytokens.org/resources/dns.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
36 kB (36005 bytes)
Hash
82959c40413fe2b005665df88682270f
9b5fff16be3d055bbb2be37d9bd1f456ade5b6c6
9999ee69d273e85b22f9b3eb2fb147c1d2d15e9e413566619ad0116c749552b3

HTTP Headers

GET /resources/dns.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 36005
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/google-play.png

52.18.63.80

200 OK

50 kB

URL HTTP/1.1
canarytokens.org/resources/google-play.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1280 x 378, 8-bit/color RGBA, non-interlaced\012- data
Size
50 kB (50000 bytes)
Hash
ef9ef08dd89ccd52c656e59a21288b76
6a71a7909fb59350a425ede9dfba49415c46ac1e
4a61fa9d7f445157b3863b7bf64b5142e0ecbfb1e174340f114b2eb53814f38b

HTTP Headers

GET /resources/google-play.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/generate
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 50000
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/msreg.png

52.18.63.80

200 OK

7.3 kB

URL HTTP/1.1
canarytokens.org/resources/msreg.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
7.3 kB (7324 bytes)
Hash
7de263560f70dc15f0f7a833e2f1919f
2b1649ccb9160ed758d244aa3992f99ede90edd0
43fd3c37a747c861927ac24f3f2c007e809960acb65b7004d74275ba580d5e34

HTTP Headers

GET /resources/msreg.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 7324
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/word.png

52.18.63.80

200 OK

10 kB

URL HTTP/1.1
canarytokens.org/resources/word.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10145 bytes)
Hash
469ab0f100f05a769c9e8d03dcbe3026
1c46b2dab8f1e577026d5b1c0cbd4b8806d40bd1
f57a82dbcaa226452cde839b3a43d6b6d6c4e4b3a71dcdba733a1735186a1516

HTTP Headers

GET /resources/word.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 10145
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/aws.png

52.18.63.80

200 OK

38 kB

URL HTTP/1.1
canarytokens.org/resources/aws.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 462 x 462, 8-bit/color RGBA, non-interlaced\012- data
Size
38 kB (38071 bytes)
Hash
6beee1688f946005d751679fa257c3b5
3f08eb0c822dae12758b612d6ef45231e7c24d06
1c9821d7c622f9f6457168deade61c19326c2279cbfc74be9631971f06439eae

HTTP Headers

GET /resources/aws.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 38071
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/thinkst-canary-banner-hi-res-2.png

52.18.63.80

200 OK

505 kB

URL HTTP/1.1
canarytokens.org/resources/thinkst-canary-banner-hi-res-2.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1598 x 446, 8-bit/color RGBA, non-interlaced\012- data
Size
505 kB (505247 bytes)
Hash
427bfb3bb12bcd4979bbfe4bd5c5a20e
a52dfabc438e1d065ad7993f89b20d5a1bc24de9
6d70e8d8008cd61e3cb63f7b9091fa1dd3ae1d5e99d4d5648f34a0f3f2891c93

HTTP Headers

GET /resources/thinkst-canary-banner-hi-res-2.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 505247
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/azure-id.png

52.18.63.80

200 OK

86 kB

URL HTTP/1.1
canarytokens.org/resources/azure-id.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Size
86 kB (85496 bytes)
Hash
ace36ca4a96b6de28da92198f1b9df78
e5dc80e6f753dcc9202fbf46ec401a1066353944
9438a8d8244ef17d1d0a67b273b1b53102a64d18ed840c0165d4fb9ca398fdd4

HTTP Headers

GET /resources/azure-id.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 85496
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/canarytokens-done.png

52.18.63.80

200 OK

57 kB

URL HTTP/1.1
canarytokens.org/resources/canarytokens-done.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 512 x 430, 8-bit/color RGBA, non-interlaced\012- data
Size
57 kB (57069 bytes)
Hash
19d720aeab926e8726d68e3d0428afaf
0f0766bfe6dfe4da8eec5b09713b827498db109a
cd3368fbfce2800f4640934abc5278c8f60d98a6f459578b88efe34046cdbf9d

HTTP Headers

GET /resources/canarytokens-done.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/generate
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 57069
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/excel.png

52.18.63.80

200 OK

9.1 kB

URL HTTP/1.1
canarytokens.org/resources/excel.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 376 x 368, 8-bit/color RGBA, non-interlaced\012- data
Size
9.1 kB (9081 bytes)
Hash
a0566997269fbbcea17b5c163e7c740b
1a40dc87486e6ba4c55b199e1f3417d256d864a5
b95a1c40aedd04c32cf453f527451def94a417ef3531610846febd57720082c9

HTTP Headers

GET /resources/excel.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 9081
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/kubernetes_icon.png

52.18.63.80

200 OK

12 kB

URL HTTP/1.1
canarytokens.org/resources/kubernetes_icon.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11848 bytes)
Hash
089441b46afb5027f7a47f681bf1c428
c3c1551a9916e4a58fd2822c17374059fbb0c626
652440df394a5658b41e0544143a4f8e34003ee0fb176386f2140c5437a315f8

HTTP Headers

GET /resources/kubernetes_icon.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 11848
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/credit-card.png

52.18.63.80

200 OK

54 kB

URL HTTP/1.1
canarytokens.org/resources/credit-card.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
54 kB (54429 bytes)
Hash
661fad583acf66206451e2d168bd3796
095ad12dd48f18ca27dbc00c026bff0dd5ab195e
c61abe31a0ceafea193bcc9fe324ad4f401b496417a52e225a28563769b9c57e

HTTP Headers

GET /resources/credit-card.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 54429
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

v4-alpha.getbootstrap.com/examples/narrow-jumbotron/narrow-jumbotron.css

104.22.58.100

301 Moved Permanently

40 kB

URL HTTP/2
v4-alpha.getbootstrap.com/examples/narrow-jumbotron/narrow-jumbotron.css
IP
104.22.58.100:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
40 kB (39769 bytes)
Hash
260d141b41aac97aad0ad3e549709180
ebe0d060a617c9cc12a0640a3c57dd0100a1b743
a9ef5bf0aec59a8b09705c07e0809bac69bcacda18ff3526a96e1b2347d0e8e5

HTTP Headers

GET /examples/narrow-jumbotron/narrow-jumbotron.css HTTP/1.1
Host: v4-alpha.getbootstrap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Thu, 23 Mar 2023 17:40:18 GMT
location: https://getbootstrap.com/docs/4.0/examples/narrow-jumbotron/narrow-jumbotron.css
cache-control: max-age=3600
expires: Thu, 23 Mar 2023 18:40:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7ac8756eeccfb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

canarytokens.org/resources/clonedsite.png

52.18.63.80

200 OK

17 kB

URL HTTP/1.1
canarytokens.org/resources/clonedsite.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (17097 bytes)
Hash
203357ba00f067e8e46269d6def8cb60
188aebf2af77268efe860afa2d7471c782b784ca
45cd37e2757820aed7ce115b0f9542ecfda44603266d574c4ce2587a7fee521f

HTTP Headers

GET /resources/clonedsite.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 17097
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/qrcode.png

52.18.63.80

200 OK

4.0 kB

URL HTTP/1.1
canarytokens.org/resources/qrcode.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 290 x 290, 8-bit/color RGBA, non-interlaced\012- data
Size
4.0 kB (3951 bytes)
Hash
ea9725f7398d37e351ae9e9db0c9b3c0
5145010c10c9b7260ad6ba66fb6c7f0870abc6f1
e53d9661426fb2f4c70006bc76afaa54984e93f113aee6970e6be1b1cf6c1442

HTTP Headers

GET /resources/qrcode.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 3951
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

push.services.mozilla.com/

54.188.105.26

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.188.105.26:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: U0JtExARhBoW9JbwNxJbmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MXU22CbOwJSmB86dJDEDl0K2ZAQ=

maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/bootstrap.min.css

104.18.11.207

200 OK

41 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/bootstrap.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65317)
Size
41 kB (40616 bytes)
Hash
5ae38e8a3afba39e3af82dc5d5220ea9
ae88d26a8e7ac3ecd694a8a372b72bc4a248f854
baaba75f2cefb4d7304d031100bdf38ba72f3ab4acab3844f547db451c72d501

HTTP Headers

GET /bootstrap/4.0.0-alpha.6/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://canarytokens.org
Connection: keep-alive
Referer: https://canarytokens.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:40:18 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:02 GMT
cdn-cachedat: 2021-06-08 21:13:01
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: d5ca55151329d3c2552ee0093cb2be49
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 1151954
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7ac8756eee9fb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

canarytokens.org/resources/redirect.png

52.18.63.80

200 OK

141 kB

URL HTTP/1.1
canarytokens.org/resources/redirect.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
141 kB (141178 bytes)
Hash
0c81e4c498279d51e7041b20956fb708
bef717c1864dff3e8e728c0dbb725822e12ca162
ce5c5b64902220c0ac287fa4283c4160c7366cb134b3dc693b52b90f07b90bd0

HTTP Headers

GET /resources/redirect.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 141178
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

fonts.cdnfonts.com/css/ocr-a-extended

104.26.15.62

200 OK

103 kB

URL HTTP/2
fonts.cdnfonts.com/css/ocr-a-extended
IP
104.26.15.62:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
103 kB (103305 bytes)
Hash
128fc53495842f3f6451feb48b55ec40
883f9e02a3f28a2097af94e25694381bfd41e5c7
7d4b7fda5d060bb8dc9cd3e497c700de09ce5a1d33b3cdfa9f84acba41bba4b1

HTTP Headers

GET /css/ocr-a-extended HTTP/1.1
Host: fonts.cdnfonts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:40:18 GMT
content-type: text/css;charset=UTF-8
cf-bgj: minify
cf-polished: origSize=205
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: HIT
age: 7432687
last-modified: Tue, 27 Dec 2022 17:02:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRlg40b1dmQzq2kait050SCO0TTIMxrHVDAj%2Ba%2FxE0UmJWOzLIOtCLoyy7tfUVR9Mj8AHajwwjrIVCBhsy5oDXTUm1QSonl7NX%2BHIhTC5Jt%2FouDhVVRwZPNWgWpe7yC31%2FMeqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
server: cloudflare
cf-ray: 7ac8756ef996b515-OSL
content-encoding: br
X-Firefox-Spdy: h2

v4-alpha.getbootstrap.com/assets/js/ie10-viewport-bug-workaround.js

104.22.58.100

301 Moved Permanently

7.6 kB

URL HTTP/2
v4-alpha.getbootstrap.com/assets/js/ie10-viewport-bug-workaround.js
IP
104.22.58.100:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
7.6 kB (7555 bytes)
Hash
ec55c86940faf1d3518f62b8701d5d2e
6e7dc0a90242fe1765cdefae6f1c9e9c87d9142a
33311cecc74e5a1cdb7ceb57af3438975c75fc319d47d1f731c8bbac14234b87

HTTP Headers

GET /assets/js/ie10-viewport-bug-workaround.js HTTP/1.1
Host: v4-alpha.getbootstrap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Thu, 23 Mar 2023 17:40:18 GMT
location: https://getbootstrap.com/docs/4.0/assets/js/ie10-viewport-bug-workaround.js
cache-control: max-age=3600
expires: Thu, 23 Mar 2023 18:40:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7ac8756f0d07b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

canarytokens.org/resources/pdf.png

52.18.63.80

200 OK

9.9 kB

URL HTTP/1.1
canarytokens.org/resources/pdf.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
9.9 kB (9893 bytes)
Hash
bca755c6778b2670fda000a988812be6
c610585c705eb34dbbfef3925267a4671ce7edf2
c7cfbd5a50da3b8699d83576ccdb44a289268f655cd3502c2172f7c30b61cdb1

HTTP Headers

GET /resources/pdf.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 9893
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/sqlserver.png

52.18.63.80

200 OK

112 kB

URL HTTP/1.1
canarytokens.org/resources/sqlserver.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
112 kB (111787 bytes)
Hash
ab52056ecf55105e2e3200bb095309ad
033c39588761bb7171db2ac8d13531a56d6db16f
f8dafdb1fc6328c32c31dbc1fd5037dc5bf928c7d4465d2b94f7a9c9c1640d0c

HTTP Headers

GET /resources/sqlserver.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 111787
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/svn.png

52.18.63.80

200 OK

10 kB

URL HTTP/1.1
canarytokens.org/resources/svn.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 200 x 138, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10027 bytes)
Hash
e8f971de44f4ff3af3484900b55b958c
a5c413491ff81b84ac1408166c1ee2d7ed899888
85baf1666f7a4070e6c171920564286651ed1e041957986093a2a560be6177eb

HTTP Headers

GET /resources/svn.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 10027
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/folder.png

52.18.63.80

200 OK

205 kB

URL HTTP/1.1
canarytokens.org/resources/folder.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
205 kB (205286 bytes)
Hash
925998f9a2cb6e203e46a9fb00200d6c
e31889fc348ae97d72aaad13a31c4508d2e37f37
98948238f9eaf01dcd4e9f53e45005aee080cff3a2211b0c31118344109a4151

HTTP Headers

GET /resources/folder.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 205286
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
89744773935794cc1e2b6450ef29d7b9
312b1db11d83b7d1e83cd1727b80fa1590a513c3
a1f376e27591ec2a5a9ac24fecdb58c9b5f5a5e52d224d04ea18ea8e29e24a69

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134489
Date: Thu, 23 Mar 2023 17:40:18 GMT
Etag: "641be12d-1d7"
Expires: Sat, 25 Mar 2023 07:01:47 GMT
Last-Modified: Thu, 23 Mar 2023 05:18:37 GMT
Server: ECAcc (nya/78BE)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6Y9htjuz6HYmPYUAO-Cv084YXfNByc6C0zrdBlJpNbcKeVU44W8k2g==
Age: 6190

canarytokens.org/resources/email.png

52.18.63.80

200 OK

28 kB

URL HTTP/1.1
canarytokens.org/resources/email.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 599 x 567, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (27604 bytes)
Hash
a9271c7b1d2b8453e14cac2c2f0f05a3
231782747b6678d5a1975ec163c66e4e2d32be7c
dea65930e98a49135ba82c596b20a16d21177cd3088088141696c85fe4f99b67

HTTP Headers

GET /resources/email.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 27604
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

canarytokens.org/resources/exe.png

52.18.63.80

200 OK

136 kB

URL HTTP/1.1
canarytokens.org/resources/exe.png
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
136 kB (136333 bytes)
Hash
43a9a102ac75e173a3b77f8296c96587
1897a12c1a0082c547e7715eb034ba1fd0f9591a
fe31bf0c0bbb9508bfc3f1ca365aea99073036798d0db7bea20a7428a35becf4

HTTP Headers

GET /resources/exe.png HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/resources/styles.min.css?ver=9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:18 GMT
Content-Type: image/png
Content-Length: 136333
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

tools.applemediaservices.com/api/badges/download-on-the-app-store/black/en-us?size=250x83&releaseDate=1545264000&h=b15fc494302fdddf3af31ab97784d31d

18.214.85.104

301 Moved Permanently

0 B

URL HTTP/2
tools.applemediaservices.com/api/badges/download-on-the-app-store/black/en-us?size=250x83&releaseDate=1545264000&h=b15fc494302fdddf3af31ab97784d31d
IP
18.214.85.104:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/badges/download-on-the-app-store/black/en-us?size=250x83&releaseDate=1545264000&h=b15fc494302fdddf3af31ab97784d31d HTTP/1.1
Host: tools.applemediaservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Thu, 23 Mar 2023 17:40:18 GMT
content-type: text/html;charset=utf-8
content-length: 0
location: https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET
cache-control: public, max-age=604800
expires: Thu, 30 Mar 2023 17:40:18 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2

canarytokens.org/resources/favicon.ico

52.18.63.80

200 OK

9.0 kB

URL HTTP/1.1
canarytokens.org/resources/favicon.ico
IP
52.18.63.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 196 x 196, 8-bit/color RGBA, interlaced\012- data
Size
9.0 kB (8992 bytes)
Hash
1238b23737b227627de34e86cec01453
8a72354ebff8d77d852bf55abd89cc1d1e33dda5
62b677bb25e666531d6404a83f1362f4826a61302aa53bc0a6554ffecae74311

HTTP Headers

GET /resources/favicon.ico HTTP/1.1
Host: canarytokens.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://canarytokens.org/generate
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 17:40:19 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 8992
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Thu, 16 Mar 2023 15:16:28 GMT

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
16b37da4e00b760120db2510ca3a3bea
29722d25ce28ab58a8f79dc4d1d124c8f3c8a725
fa70f3f63310890b07aaf2a277b36ac45c2bbceb7c89a89761edc169819158d4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156825
Date: Thu, 23 Mar 2023 17:40:19 GMT
Etag: "641c4acb-1d7"
Expires: Sat, 25 Mar 2023 13:14:04 GMT
Last-Modified: Thu, 23 Mar 2023 12:49:15 GMT
Server: ECAcc (bsa/EB4C)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jqwBz5WNx-VT5SF5RTlkdNsQmIYu601BlM9PA0d9GM8VGo_TR0aLwQ==
Age: 1489

apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg

52.217.201.41

200 OK

11 kB

URL HTTP/1.1
apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg
IP
52.217.201.41:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Size
11 kB (10804 bytes)
Hash
2928664fe1fc6aca88583a6f606d60ba
2f2fe1cbd0563b3ce3ea79fcdf1549ed244b3993
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f

HTTP Headers

GET /media-badges/download-on-the-app-store/black/en-us.svg HTTP/1.1
Host: apple-resources.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://canarytokens.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: SbLUbTZS6ZUkSKKwZw1BIpm4fgvOYyP9k5SQcn84dmICobcnNrdVCAGP9qpOzf5QdeVNuwVqrVE=
x-amz-request-id: WJ7DY8BGJ2D5M38M
Date: Thu, 23 Mar 2023 17:40:20 GMT
Last-Modified: Wed, 29 Apr 2020 21:18:39 GMT
ETag: "2928664fe1fc6aca88583a6f606d60ba"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 10804

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15677
Expires: Thu, 23 Mar 2023 22:01:36 GMT
Date: Thu, 23 Mar 2023 17:40:19 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15677
Expires: Thu, 23 Mar 2023 22:01:36 GMT
Date: Thu, 23 Mar 2023 17:40:19 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15677
Expires: Thu, 23 Mar 2023 22:01:36 GMT
Date: Thu, 23 Mar 2023 17:40:19 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15677
Expires: Thu, 23 Mar 2023 22:01:36 GMT
Date: Thu, 23 Mar 2023 17:40:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5950 bytes)
Hash
800c2662fd6ab8829a02b7d63084c38d
0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239
76545e9f75dc558fdb7b54550934c7775318fb4150a9309f60e65d982d2e576e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5950
x-amzn-requestid: ce85112e-428d-4ca1-9dac-1d6c8c6dc74a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CKyF9EI3oAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a96f2-05c5948d6f74948b1c67d68c;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 05:49:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tu0ENc_6tfykYc23nLfwYEMsi5HIfaDWF6dvzVTfX5rfjr3JrmMrCA==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:02:44 GMT
age: 70655
etag: "0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9459 bytes)
Hash
412bd6aea60211324e649d7d920601d2
a813976bda850a584b5ab94d9a70bfe0da69aca0
d36ef17fc6ab3cd4e5e43836f7df2c6fdf1781f1bac73e42c9a09e8594f797f9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: 1b374321-f2df-404f-ab91-4e73d830fac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqmAEhHoAMFgRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a248c-217d81154ecfe0c44ca70432;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:41:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pvFey5NWlIqIXlHLMYSUiylATCU1ZxodOb6imsPCxrJDRscwky8dVQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:48:27 GMT
age: 71512
etag: "a813976bda850a584b5ab94d9a70bfe0da69aca0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10480 bytes)
Hash
6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pFCYGtd2b7lK7OBFHjCsgqqLfhtMAQDB0vyYFyf1sv-3CkSHbEh3mA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:59:52 GMT
age: 70827
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10284 bytes)
Hash
4e89d0b1281259e7399294fb5fa19d2b
5035ed41f497c97faefae9cdaf42dc07ab468557
f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10284
x-amzn-requestid: e4d2c324-d0b0-436d-9739-29269e62aed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM6hjEqtIAMFvXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b713c-5a5bd6b60c1f52ab580f1757;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:21:00 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Pv-MA9gQ4PmXuY3EWSC77_g2fn_C9-bYUQ4azcrxLNvtwY6CZZg1nA==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:55:01 GMT
age: 35118
etag: "5035ed41f497c97faefae9cdaf42dc07ab468557"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10407 bytes)
Hash
2062cf7a271d4ac7a04c0a746d443e07
3343851f2128c5f1fe4302c2aa53e8ce1fb661ac
e479263c1742d2597cf8948ef059b0bc97dbb97f47bb5cafee3d4af12069d2ce

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 87aba2e6-d7e8-4456-a12f-e05ac556b839
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqJhGnXIAMF1yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a23d6-2b6c3d62366f47f506ce8415;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:38:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: lKww3e9Hvk0r0LPn7u6pu6Fx9V8RThNVxQEdyWVFAQdOun-53X-tLw==
via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:49:35 GMT
age: 71444
etag: "3343851f2128c5f1fe4302c2aa53e8ce1fb661ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6692 bytes)
Hash
c05bfdf1411a931d8ea9adc64b07bc74
156ef59e53564a4f2b27002b2695fafecd578d82
15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6692
x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM9d9FcOoAMFaFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Jj5lAwItWYm45j5kLqQnd3fhsiGsiuSiSVtrBUOolyHvPAmCc0S71A==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:54:24 GMT
age: 35155
etag: "156ef59e53564a4f2b27002b2695fafecd578d82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

getbootstrap.com/docs/4.0/examples/narrow-jumbotron/narrow-jumbotron.css

104.22.58.100

200 OK

0 B

URL HTTP/2
getbootstrap.com/docs/4.0/examples/narrow-jumbotron/narrow-jumbotron.css
IP
104.22.58.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /docs/4.0/examples/narrow-jumbotron/narrow-jumbotron.css HTTP/1.1
Host: getbootstrap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://canarytokens.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:40:18 GMT
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Sat, 24 Dec 2022 16:43:29 GMT
access-control-allow-origin: *
etag: W/"63a72c31-59b"
expires: Thu, 23 Mar 2023 07:58:45 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 2C76:4361:2910D7D:3848666:6412F551
via: 1.1 varnish
x-served-by: cache-yyz4563-YYZ
x-cache: HIT
x-cache-hits: 1
x-timer: S1679041092.066500,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 45863a5edc7b9af126ce630beeee7bc19e36d9a1
cf-cache-status: HIT
age: 242
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7ac8756f2d3ab503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (69)

URL HTTP/1.1

IP

ASN

File type