Report - han.gl/YKWIQ

Report Overview

Submitted URL
han.gl/YKWIQ
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-07 00:03:10
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	686 B	1.4 kB	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	63 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	840 B	12 kB	34.160.144.191
getpocket.cdn.mozilla.net	1369	2018-08-28T15:15:36Z	2023-03-13T08:02:38Z	435 B	43 kB	34.120.5.221
shavar.services.mozilla.com	3602	2015-09-28T08:30:01Z	2023-03-13T05:09:14Z	453 B	204 B	44.234.248.225
gfonts.jwwb.nl	unknown	2022-11-01T10:44:25Z	2023-03-13T07:25:56Z	1.5 kB	38 kB	151.101.1.91
primary.jwwb.nl	unknown	2023-01-12T13:26:21Z	2023-03-13T07:25:56Z	1.5 kB	20 kB	151.101.129.91
firefox-settings-attachments.cdn.mozilla.net	11509	2019-11-30T10:32:57Z	2023-03-13T08:38:30Z	412 B	808 kB	34.111.73.144
detectportal.firefox.com	1601	2018-08-30T11:52:03Z	2023-03-13T05:09:11Z	606 B	428 B	34.107.221.82
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	4.1 kB	11 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	7.6 kB	226 kB	35.241.9.150
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	341 B	736 B	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.163.74.93
temp-ldoigoxdmdzeuyikfkxf.webador.es	unknown	2023-02-06T09:42:01Z	2023-02-07T01:02:54Z	466 B	603 B	34.90.225.198
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
assets.jwwb.nl	unknown	2022-06-17T16:52:38Z	2023-03-13T07:25:56Z	4.3 kB	186 kB	151.101.1.91
plausible.io	48197	2019-02-01T09:53:03Z	2023-03-13T09:32:29Z	864 B	17 kB	195.181.166.158
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	393 B	21 kB	216.239.38.178
han.gl	unknown	2012-12-17T11:18:24Z	2023-03-13T11:56:47Z	441 B	879 B	172.67.189.251
www.webador.es	unknown	2022-07-02T04:01:55Z	2023-03-08T00:00:34Z	407 B	525 B	34.90.225.198

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-02-06	medium	han.gl/YKWIQ	Bancolombia
2023-02-06	medium	temp-ldoigoxdmdzeuyikfkxf.webador.es/	Bancolombia

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-07	medium	han.gl/YKWIQ	Phishing
2023-02-07	medium	temp-ldoigoxdmdzeuyikfkxf.webador.es/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	assets.jwwb.nl/assets/website-rendering/runtime.a32096df2ef1dba8ec4d.js?bust=4934ef961e61872dc596	6.2 kB	2023-03-13	2023-03-29
Pretty URL assets.jwwb.nl/assets/website-rendering/runtime.a32096df2ef1dba8ec4d.js?bust=4934ef961e61872dc596 IP 151.101.1.91 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:55:00 Last Seen2023-03-29 21:23:02 Times Seen6 Hash 4934ef961e61872dc59629103314a0d3 3589c64d5ca0d38fd71a41d27dd6a3b72ab3ca14 a6471411a87ea5a53b1b484ac60784b00c5c90b80db744631e40c0fa131b881b Loading...

	assets.jwwb.nl/assets/website-rendering/cookieconsent.fbd84c284f87f97f448a.js	21 kB	2023-03-12	2023-08-07
Pretty URL assets.jwwb.nl/assets/website-rendering/cookieconsent.fbd84c284f87f97f448a.js IP 151.101.1.91 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:54:41 Last Seen2023-08-07 04:23:37 Times Seen137 Hash 2f00ef63f493540ebc32c0267812aaf3 95a915152603ee779ee19de8d0ecfb84f43c4f31 1b6f8375518ed13731e4eb8dff2584e4b38cfc1f6b45c246879ca5c48a8a46bd Loading...

	temp-ldoigoxdmdzeuyikfkxf.webador.es/	3.8 kB	2023-03-13	2023-03-13
Pretty URL temp-ldoigoxdmdzeuyikfkxf.webador.es/ IP 34.90.225.198 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:41:13 Last Seen2023-03-13 18:41:13 Times Seen1 Hash 66dec1a0e75bc2108ed24e66d1b54aea 72f288bb55109b36694b3602b538d1698b0ce425 7231db5933de956ea4f67fd67cb3782614f39a569ac5665ecca51dcdc2b9898b Loading...

	assets.jwwb.nl/assets/website-rendering/main.88d70350fd35b8bf4e6a.js?bust=ec2e296e845e475d88b7	184 kB	2023-03-13	2023-03-13
Pretty URL assets.jwwb.nl/assets/website-rendering/main.88d70350fd35b8bf4e6a.js?bust=ec2e296e845e475d88b7 IP 151.101.1.91 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:41:13 Last Seen2023-03-13 18:41:13 Times Seen1 Hash ec2e296e845e475d88b7a6dd387824ad a9c36f1c62d412fc885d5e5183f86f80683a60c4 9a10b8d30e0f0d427c6794abf6facb15cff40dbf60948fb06ff1943fb2bcd792 Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 01:36:24 Times Seen37532900 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	assets.jwwb.nl/assets/build/website-rendering/es-ES.js?bust=4420dc1c001322cb5379	34 kB	2023-03-13	2023-06-10
Pretty URL assets.jwwb.nl/assets/build/website-rendering/es-ES.js?bust=4420dc1c001322cb5379 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:59:22 Last Seen2023-06-10 21:43:27 Times Seen25 Hash 4420dc1c001322cb5379436ff1fa1b2e 369e946dd57d14184c55152ecb5db5cd64362508 59ed8672b175755ff6d17b2188d168d31e0408a06e208b465a6e5915bcca7029 Loading...

	www.webador.es/v2/unsafe-token/3091097	107 B	2023-03-13	2023-03-13
Pretty URL www.webador.es/v2/unsafe-token/3091097 IP 34.90.225.198 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:41:13 Last Seen2023-03-13 18:41:13 Times Seen1 Hash 5945bb868b5aa8a1e4533d3463055aba f768b3433fdf41cca5d440f4a31feb5d7bbf5456 3ed56f15617a73427d0fd63ea94e59adac0bd4430edc7527f3b1e6f1d4102cce Loading...

	temp-ldoigoxdmdzeuyikfkxf.webador.es/	803 B	2023-03-07	2024-05-05
Pretty URL temp-ldoigoxdmdzeuyikfkxf.webador.es/ IP 34.90.225.198 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:31 Last Seen2024-05-05 06:38:53 Times Seen65 Hash 439620e0167bf50e7cf162785971332c fa5ee2c5867b582f4c52920549cc14181409531b 7eed2afc72c33b52ea732747e46672784cd1cb5adf7dfbfc047732f7644f6521 Loading...

	temp-ldoigoxdmdzeuyikfkxf.webador.es/	473 B	2023-03-07	2024-03-29
Pretty URL temp-ldoigoxdmdzeuyikfkxf.webador.es/ IP 34.90.225.198 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:42 Last Seen2024-03-29 07:14:14 Times Seen27 Hash ff2900d35e532711ac74a1c2b68fcb7d 65c18a132bd0fc63bbe8f02803113d19410dab64 67abd516360ec7e9d4fbbd95146cbcdc32c9eeb510644f37d52185071694200a Loading...

	temp-ldoigoxdmdzeuyikfkxf.webador.es/	199 B	2023-03-13	2023-09-08
Pretty URL temp-ldoigoxdmdzeuyikfkxf.webador.es/ IP 34.90.225.198 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:41:13 Last Seen2023-09-08 14:31:54 Times Seen7 Hash 3f54ef08d1a1bbda5b7f0e3ca0fffbdf 9e979eb825da4c1d79d28f273f00c2b59dc6ac19 16baee77de4b0281231b27f59d29b0b49165a99a87bdf487f694e805a13373ed Loading...

	temp-ldoigoxdmdzeuyikfkxf.webador.es/	170 B	2023-03-13	2023-06-03
Pretty URL temp-ldoigoxdmdzeuyikfkxf.webador.es/ IP 34.90.225.198 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:41:13 Last Seen2023-06-03 14:40:44 Times Seen4 Hash 0396b0c10ff1c0e120f25141b08e3b75 166a05f23546c0521a89a72d8ce08e0284ec462f 8d81fe138c4b2c0171d6379d024ac25d7d7abe5bc23b5c1443022e2a8ba7eecc Loading...

	temp-ldoigoxdmdzeuyikfkxf.webador.es/	215 B	2023-03-13	2023-03-13
Pretty URL temp-ldoigoxdmdzeuyikfkxf.webador.es/ IP 34.90.225.198 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:41:13 Last Seen2023-03-13 21:23:28 Times Seen1 Hash 2d3347d97145e2e68c89a0aa13c8cc68 1dd94ac0c704efff597245544b083aebf4588a5f c5f01319f8188b02a3d94b43d2ccd9754021134c86795c3dc0d964ecbd8d3ff1 Loading...

	plausible.io/js/script.manual.js	1.0 kB	2023-03-08	2023-10-26
Pretty URL plausible.io/js/script.manual.js IP 195.181.166.158 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:32:30 Last Seen2023-10-26 00:39:30 Times Seen9 Hash 5b52f30dd5556c250e98cc1261dbc299 004b0d542d1ee4ddf75878188d7bf227efd1e270 3a379b4a27b0c9dc8f07d089ed20377c3bc8ce0048bf055cbde63f9e0b920d06 Loading...

	temp-ldoigoxdmdzeuyikfkxf.webador.es/	403 B	2023-03-12	2023-07-01
Pretty URL temp-ldoigoxdmdzeuyikfkxf.webador.es/ IP 34.90.225.198 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:05:46 Last Seen2023-07-01 18:31:05 Times Seen18 Hash c35cf69a6cfa9d683b1f1fa44bc0536a beb5f2b376dd5e9870eb4193159bafb5673fe8d6 ca75a91f98bab4366ca6d5716664a4b655a1f01f8cba825f4f712100f2fe47d0 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 216.239.38.178 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

HTTP Transactions (67)

URL IP Response Size

detectportal.firefox.com/success.txt?ipv4

34.107.221.82

200 OK

8 B

URL HTTP/1.1
detectportal.firefox.com/success.txt?ipv4
IP
34.107.221.82:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
8 B (8 bytes)
Hash
ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

HTTP Headers

GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 06 Feb 2023 08:55:58 GMT
Age: 54415
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8758
Expires: Tue, 07 Feb 2023 02:28:51 GMT
Date: Tue, 07 Feb 2023 00:02:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5390
Expires: Tue, 07 Feb 2023 01:32:43 GMT
Date: Tue, 07 Feb 2023 00:02:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dc97e1e32e2866904f8fe56b8aa965e9
d6f95063c49337efdeb3da39f068e9522b771070
fcc1f6bab878ed1ad6ae6ae6f82af2150adb480b3826db09abda612e1f32cefa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCC1F6BAB878ED1AD6AE6AE6F82AF2150ADB480B3826DB09ABDA612E1F32CEFA"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20610
Expires: Tue, 07 Feb 2023 05:46:23 GMT
Date: Tue, 07 Feb 2023 00:02:53 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ZkcvH4stzK8QjmswMVJNaZqpEieWw7dmE9wOSxOxM+YJoZYX1DbMnbjpr8vXZcLLEe8DI8eaGig=
x-amz-request-id: FBCY3JK40EVQKM5W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 00:00:01 GMT
age: 172
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30

34.120.5.221

200 OK

42 kB

URL HTTP/2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP
34.120.5.221:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
42 kB (42089 bytes)
Hash
8aa8578db650825befd0198c7e083c19
801b08f41fa6c22428856cb877604b788bf68725
7d3545e8c71c61e581f82cff1434171ea8d08f007cd835ba86d412a03058ad89

HTTP Headers

GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: cWEhNWmPOibPWQYVfiWI4XpceEytZuv_1OxvM_x3PpRteeUlP4u18A==
content-encoding: gzip
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 23:49:42 GMT
content-type: application/json
content-length: 42089
age: 791
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17140
Expires: Tue, 07 Feb 2023 04:48:33 GMT
Date: Tue, 07 Feb 2023 00:02:53 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 00:02:53 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 23:34:06 GMT
content-type: application/json
age: 1727
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0b3d155fe53bb5e6c449ef90a3148bec
ba248b7cbcbf07d28955ac6d0eb1f8ee7af04fa8
c193ac3684096be7c1f069ccec763d524f9c5fe034d438bd321e8c3a5afcf325

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 703
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 00:02:54 GMT
Last-Modified: Mon, 06 Feb 2023 23:51:11 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 23:07:20 GMT
age: 3334
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7897
Expires: Tue, 07 Feb 2023 02:14:31 GMT
Date: Tue, 07 Feb 2023 00:02:54 GMT
Connection: keep-alive

shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2

44.234.248.225

200 OK

8 B

URL HTTP/1.1
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP
44.234.248.225:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
8 B (8 bytes)
Hash
29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b

HTTP Headers

POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Tue, 07 Feb 2023 00:02:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close

push.services.mozilla.com/

35.163.74.93

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.74.93:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: V11H3B0djkqgFZM6FUTUmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0kyHRtezaQau1u3YVCEODeo9wAw=

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0f7447519f88112dc7eea3e612bcfff0
3d683393e73f26f38e705637a0a4f902f6c7b33b
84f65fbf7b8c69563a57d087abd2c6333d33895eaa597c06a23eadf604579962

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84F65FBF7B8C69563A57D087ABD2C6333D33895EAA597C06A23EADF604579962"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Tue, 07 Feb 2023 06:02:24 GMT
Date: Tue, 07 Feb 2023 00:02:54 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221675717742791%22

35.241.9.150

200 OK

22 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221675717742791%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (21681), with no line terminators
Size
22 kB (21681 bytes)
Hash
97edb647f7db017b4197a88c96ecac55
8b859ccc7263149e35f56955e1c7c046ed867ecd
e935b7a645a414eaf975e138495337d1ba794d6e9d1328cb5599d4934cbd5c21

HTTP Headers

GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221675717742791%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21681
via: 1.1 google
date: Mon, 06 Feb 2023 23:12:09 GMT
age: 3045
last-modified: Mon, 06 Feb 2023 21:09:02 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

assets.jwwb.nl/assets/fonts/website-rendering/font/website-rendering.woff2?bust=8491e4ff84bdcb0358c9

151.101.1.91

200 OK

11 kB

URL HTTP/2
assets.jwwb.nl/assets/fonts/website-rendering/font/website-rendering.woff2?bust=8491e4ff84bdcb0358c9
IP
151.101.1.91:0
ASN
#54113 FASTLY

File type
Web Open Font Format (Version 2), TrueType, length 10756, version 1.0\012- data
Size
11 kB (10756 bytes)
Hash
8491e4ff84bdcb0358c9e47841089e8c
1350d58ae33ae8a2297917eb9d4b74ff9c23c8a4
3b3753f0e60df50ca1108c7e3ec16a03334092fbb1068eef671c0c6482e3220d

HTTP Headers

GET /assets/fonts/website-rendering/font/website-rendering.woff2?bust=8491e4ff84bdcb0358c9 HTTP/1.1
Host: assets.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://temp-ldoigoxdmdzeuyikfkxf.webador.es
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 19 May 2022 08:52:19 GMT
etag: "8491e4ff84bdcb0358c9e47841089e8c"
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-jw-backend-healthy: true
cache-control: public, max-age=11232000
accept-ranges: bytes
date: Tue, 07 Feb 2023 00:02:54 GMT
age: 2203725
content-length: 10756
X-Firefox-Spdy: h2

assets.jwwb.nl/assets/website-rendering/styles.cf531f1d8138ff6bf16a.css?bust=cf531f1d8138ff6bf16a

151.101.1.91

200 OK

20 kB

URL HTTP/2
assets.jwwb.nl/assets/website-rendering/styles.cf531f1d8138ff6bf16a.css?bust=cf531f1d8138ff6bf16a
IP
151.101.1.91:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (59107)
Size
20 kB (19972 bytes)
Hash
fc2dc01eea4e2f44e5af447aadbff9e6
c98aa01849d76dcb7ca2911b2a6318001c58e881
7ba9d69510c12814c0f794990133e611346be7087ebb8ef5b7c3f52c93d80a82

HTTP Headers

GET /assets/website-rendering/styles.cf531f1d8138ff6bf16a.css?bust=cf531f1d8138ff6bf16a HTTP/1.1
Host: assets.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Fri, 03 Feb 2023 14:22:12 GMT
etag: "fc2dc01eea4e2f44e5af447aadbff9e6"
content-type: text/css
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-jw-backend-healthy: true
cache-control: public, max-age=11232000
accept-ranges: bytes
date: Tue, 07 Feb 2023 00:02:54 GMT
age: 293903
vary: X-Goog-Allowed-Resources, Accept-Encoding
content-length: 19972
X-Firefox-Spdy: h2

gfonts.jwwb.nl/css?display=fallback&family=Roboto%3A400%2C700%2C400italic%2C700italic%7CQuestrial%3A400%2C700%2C400italic%2C700italic

151.101.1.91

200 OK

820 B

URL HTTP/2
gfonts.jwwb.nl/css?display=fallback&family=Roboto%3A400%2C700%2C400italic%2C700italic%7CQuestrial%3A400%2C700%2C400italic%2C700italic
IP
151.101.1.91:0
ASN
#54113 FASTLY

File type
ASCII text
Size
820 B (820 bytes)
Hash
c3e430988f87c9d87e793f175281aacc
3956911579fc3e7aa8b5b0dad3f52195024262d6
7064951efdc2e2f7e33a746bc7d09a8f95c824317c75aded3911d5b7c48df740

HTTP Headers

GET /css?display=fallback&family=Roboto%3A400%2C700%2C400italic%2C700italic%7CQuestrial%3A400%2C700%2C400italic%2C700italic HTTP/1.1
Host: gfonts.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=86400
accept-ranges: bytes
date: Tue, 07 Feb 2023 00:02:54 GMT
age: 80664
vary: Accept-Encoding
content-length: 820
X-Firefox-Spdy: h2

primary.jwwb.nl/public/t/x/d/temp-ldoigoxdmdzeuyikfkxf/style.css?bust=1674060872

151.101.129.91

200 OK

13 kB

URL HTTP/2
primary.jwwb.nl/public/t/x/d/temp-ldoigoxdmdzeuyikfkxf/style.css?bust=1674060872
IP
151.101.129.91:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Size
13 kB (13023 bytes)
Hash
b55f4dab4d8775d04ea6b2aa090e2f23
43189d47bb3d3a9e8308873f99a874d9579e8dc6
59b1468e533b4fd662bce6079eedab6b36737558993d300308401a5f87be5415

HTTP Headers

GET /public/t/x/d/temp-ldoigoxdmdzeuyikfkxf/style.css?bust=1674060872 HTTP/1.1
Host: primary.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 16:54:32 GMT
etag: "42da2e89526ef2150ecf306b4e15f320"
content-type: text/css
server: UploadServer
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=7776000
accept-ranges: bytes
date: Tue, 07 Feb 2023 00:02:54 GMT
age: 1667173
vary: Accept-Encoding
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-length: 13023
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1675449433343&_since=%221666204638208%22

35.241.9.150

200 OK

27 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1675449433343&_since=%221666204638208%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (27294), with no line terminators
Size
27 kB (27294 bytes)
Hash
1e630048e362b77c6ad38fd0ea8e4288
15cdb480e906413a492e7269c43f64f0f8956ff6
a6071af1e1185a063481aca6541ad39a5b7f02d67a990e33f6f02c8782f98d53

HTTP Headers

GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1675449433343&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 27294
via: 1.1 google
date: Mon, 06 Feb 2023 23:21:18 GMT
age: 2496
last-modified: Fri, 03 Feb 2023 18:37:13 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

assets.jwwb.nl/assets/website-rendering/main.88d70350fd35b8bf4e6a.js?bust=ec2e296e845e475d88b7

151.101.1.91

200 OK

35 kB

URL HTTP/2
assets.jwwb.nl/assets/website-rendering/main.88d70350fd35b8bf4e6a.js?bust=ec2e296e845e475d88b7
IP
151.101.1.91:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65415)
Size
35 kB (34862 bytes)
Hash
5133fba9c06f2c195c12205b7bf26ed4
90e4311e9625930c468ce2a4f1c11eacebae68f8
73d5d1620cf2bcf754c82987c8d83f8bbfbc5b35d2cc3a29a4234e872c60699e

HTTP Headers

GET /assets/website-rendering/main.88d70350fd35b8bf4e6a.js?bust=ec2e296e845e475d88b7 HTTP/1.1
Host: assets.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 06 Feb 2023 13:52:07 GMT
etag: "5133fba9c06f2c195c12205b7bf26ed4"
content-type: application/javascript
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-jw-backend-healthy: true
cache-control: public, max-age=11232000
accept-ranges: bytes
date: Tue, 07 Feb 2023 00:02:54 GMT
age: 36598
vary: X-Goog-Allowed-Resources, Accept-Encoding
content-length: 34862
X-Firefox-Spdy: h2

primary.jwwb.nl/public/t/x/d/temp-ldoigoxdmdzeuyikfkxf/cankpq/nuevafondobancolombia.png?enable-io=true&enable=upscale&width=100

151.101.129.91

200 OK

2.6 kB

URL HTTP/2
primary.jwwb.nl/public/t/x/d/temp-ldoigoxdmdzeuyikfkxf/cankpq/nuevafondobancolombia.png?enable-io=true&enable=upscale&width=100
IP
151.101.129.91:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.6 kB (2630 bytes)
Hash
a321dbdc74160653545f7aabdc225e03
78c760513fc3762cb99516d66b34f836615ea53d
157e9b626a7baac6e1266a118557829fd719a39f5fe735443c9584707d884eee

HTTP Headers

GET /public/t/x/d/temp-ldoigoxdmdzeuyikfkxf/cankpq/nuevafondobancolombia.png?enable-io=true&enable=upscale&width=100 HTTP/1.1
Host: primary.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "GVjXTD4kDkJAPIfd1yxOL5P9q9BFcw26UDADviElnO4"
fastly-io-info: ifsz=5784 idim=283x178 ifmt=png ofsz=2630 odim=100x63 ofmt=webp
fastly-stats: io=1
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=7776000
accept-ranges: bytes
date: Tue, 07 Feb 2023 00:02:54 GMT
age: 1667768
vary: Accept
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-length: 2630
X-Firefox-Spdy: h2

primary.jwwb.nl/public/t/x/d/temp-ldoigoxdmdzeuyikfkxf/cankpq/nuevafondobancolombia.png?enable-io=true&enable=upscale&height=70

151.101.129.91

200 OK

3.1 kB

URL HTTP/2
primary.jwwb.nl/public/t/x/d/temp-ldoigoxdmdzeuyikfkxf/cankpq/nuevafondobancolombia.png?enable-io=true&enable=upscale&height=70
IP
151.101.129.91:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.1 kB (3092 bytes)
Hash
a8e95e7553468bf6dbffd5ac6b897dc5
9935bf843c34d6f22b5c5e9bd0486d31295f220c
399d1ed8956f5beee6fd817db4fd8e2f1d8bc8bbca98d00221bc362381b96b1e

HTTP Headers

GET /public/t/x/d/temp-ldoigoxdmdzeuyikfkxf/cankpq/nuevafondobancolombia.png?enable-io=true&enable=upscale&height=70 HTTP/1.1
Host: primary.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "Jc1L4ag4wzomA6Gu1xFYfx00sk3CRUuxpJhZo9u6TIs"
fastly-io-info: ifsz=5784 idim=283x178 ifmt=png ofsz=3092 odim=111x70 ofmt=webp
fastly-stats: io=1
server: UploadServer
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=7776000
accept-ranges: bytes
date: Tue, 07 Feb 2023 00:02:54 GMT
age: 54553
vary: Accept
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-length: 3092
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ce01098f18777c9f874a17f105951e61
d0022299f377152a528e980b54eeeb646373dd3b
945c025aff3195f4e6ea6295184c3932287454b8593f022e5cffc9dfa0a0db99

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "945C025AFF3195F4E6EA6295184C3932287454B8593F022E5CFFC9DFA0A0DB99"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8387
Expires: Tue, 07 Feb 2023 02:22:41 GMT
Date: Tue, 07 Feb 2023 00:02:54 GMT
Connection: keep-alive

gfonts.jwwb.nl/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2

151.101.1.91

200 OK

19 kB

URL HTTP/2
gfonts.jwwb.nl/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP
151.101.1.91:0
ASN
#54113 FASTLY

File type
Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Size
19 kB (19292 bytes)
Hash
19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

HTTP Headers

GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: gfonts.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://temp-ldoigoxdmdzeuyikfkxf.webador.es
Connection: keep-alive
Referer: https://gfonts.jwwb.nl/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
content-type: font/woff2
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=86400
accept-ranges: bytes
date: Tue, 07 Feb 2023 00:02:54 GMT
age: 6993608
content-length: 19292
X-Firefox-Spdy: h2

gfonts.jwwb.nl/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

151.101.1.91

200 OK

16 kB

URL HTTP/2
gfonts.jwwb.nl/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
151.101.1.91:0
ASN
#54113 FASTLY

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: gfonts.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://temp-ldoigoxdmdzeuyikfkxf.webador.es
Connection: keep-alive
Referer: https://gfonts.jwwb.nl/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=86400
accept-ranges: bytes
date: Tue, 07 Feb 2023 00:02:54 GMT
age: 2866916
content-length: 15744
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: AjwgR52U6hGxkzzzQ3Mzz0hcJWqd8+Lzt5hyxrslMTpYG950oaMSmqhHqV1thspefEUEQSrYNC66BJ9PCcyjMg==
x-amz-request-id: 7ZSX7TNZX63BW4JJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 23:35:18 GMT
age: 1656
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 23:34:06 GMT
content-type: application/json
age: 1729
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

assets.jwwb.nl/assets/website-rendering/76.03421447554f231ccc6f.js?bust=890fdbd6ec5d1c04174d

151.101.1.91

200 OK

102 kB

URL HTTP/2
assets.jwwb.nl/assets/website-rendering/76.03421447554f231ccc6f.js?bust=890fdbd6ec5d1c04174d
IP
151.101.1.91:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (55893), with LF, NEL line terminators
Size
102 kB (101483 bytes)
Hash
9174a45cacf24fe8373d3dba2ace4bf4
e41a898cce8e373f66f418e298a0810a06f78fad
6b0f3a74a33ff615c862d5e3cf3a5c2a3bced52e2059e8b58c0e1a99da9b2323

HTTP Headers

GET /assets/website-rendering/76.03421447554f231ccc6f.js?bust=890fdbd6ec5d1c04174d HTTP/1.1
Host: assets.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 31 Jan 2023 08:14:41 GMT
etag: "9174a45cacf24fe8373d3dba2ace4bf4"
content-type: application/javascript
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-jw-backend-healthy: true
cache-control: public, max-age=11232000
accept-ranges: bytes
date: Tue, 07 Feb 2023 00:02:54 GMT
age: 575155
vary: X-Goog-Allowed-Resources, Accept-Encoding
content-length: 101483
X-Firefox-Spdy: h2

assets.jwwb.nl/assets/website-rendering/runtime.a32096df2ef1dba8ec4d.js?bust=4934ef961e61872dc596

151.101.1.91

200 OK

2.9 kB

URL HTTP/2
assets.jwwb.nl/assets/website-rendering/runtime.a32096df2ef1dba8ec4d.js?bust=4934ef961e61872dc596
IP
151.101.1.91:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (6096)
Size
2.9 kB (2865 bytes)
Hash
284f8c9fe1c59002728a051a4b99028b
694ad73b239d572cf1c8a51ef93d1646d96dca3f
456ef7dd20dcc140a234a0b15337b725ef1be17b6df2dd8da9d7744e7cd9e536

HTTP Headers

GET /assets/website-rendering/runtime.a32096df2ef1dba8ec4d.js?bust=4934ef961e61872dc596 HTTP/1.1
Host: assets.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 31 Jan 2023 08:14:41 GMT
etag: "284f8c9fe1c59002728a051a4b99028b"
content-type: application/javascript
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-jw-backend-healthy: true
cache-control: public, max-age=11232000
accept-ranges: bytes
date: Tue, 07 Feb 2023 00:02:54 GMT
age: 575155
vary: X-Goog-Allowed-Resources, Accept-Encoding
content-length: 2865
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1070bda5398d0e4012c7ebe62828e6ee
e072659271bcce877688f7244e58cad847ce57f9
026369f2eac79a5506de6e2fa9879298ec7c63882cbff6a4cb49688783de9485

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "026369F2EAC79A5506DE6E2FA9879298EC7C63882CBFF6A4CB49688783DE9485"
Last-Modified: Sun, 05 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10522
Expires: Tue, 07 Feb 2023 02:58:17 GMT
Date: Tue, 07 Feb 2023 00:02:55 GMT
Connection: keep-alive

firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin

34.111.73.144

200 OK

807 kB

URL HTTP/2
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP
34.111.73.144:0
ASN
#15169 GOOGLE

File type
data
Size
807 kB (807180 bytes)
Hash
914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857

HTTP Headers

GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: dguZsNlgt0E45bClSnS3eklmiykznZzPHsVWHNdaaMzEAaRGO4cZgbeZnkXLWgpuuMWxb90zRhY=
x-amz-request-id: 7YF2ZWT19PGFW512
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Sat, 04 Feb 2023 15:34:39 GMT
age: 203296
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2

assets.jwwb.nl/assets/website-rendering/cookieconsent.fbd84c284f87f97f448a.js

151.101.1.91

200 OK

7.0 kB

URL HTTP/2
assets.jwwb.nl/assets/website-rendering/cookieconsent.fbd84c284f87f97f448a.js
IP
151.101.1.91:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (20868)
Size
7.0 kB (6964 bytes)
Hash
b0b6ccb0944039d492dd4a9b4a12983b
79ae9d54aed2f251f33b15712b2e23c637cb628d
24752abac2a8bfc9166cf0f6bf03c4ff204fd6996474a64c597f09ba453b6736

HTTP Headers

GET /assets/website-rendering/cookieconsent.fbd84c284f87f97f448a.js HTTP/1.1
Host: assets.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 03 Jan 2023 10:40:15 GMT
etag: "b0b6ccb0944039d492dd4a9b4a12983b"
content-type: application/javascript
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-jw-backend-healthy: true
cache-control: public, max-age=11232000
accept-ranges: bytes
date: Tue, 07 Feb 2023 00:02:55 GMT
age: 2203723
vary: Accept-Encoding
content-length: 6964
X-Firefox-Spdy: h2

assets.jwwb.nl/assets/website-rendering/cookieconsent.32e7c3015cea5e0122b2.css

151.101.1.91

200 OK

1.7 kB

URL HTTP/2
assets.jwwb.nl/assets/website-rendering/cookieconsent.32e7c3015cea5e0122b2.css
IP
151.101.1.91:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (7634), with no line terminators
Size
1.7 kB (1713 bytes)
Hash
7a79dba388a152cca49c115f90d45807
5d59e096771d99a3af446402f8da9106ea69dd0c
9984b983c4431d10414b0d3df97b6d3fcc1fcd44fd4b689e44276f4db60cf02a

HTTP Headers

GET /assets/website-rendering/cookieconsent.32e7c3015cea5e0122b2.css HTTP/1.1
Host: assets.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
last-modified: Fri, 17 Jun 2022 09:58:19 GMT
etag: "7a79dba388a152cca49c115f90d45807"
content-type: text/css
via: 1.1 varnish, 1.1 varnish
x-jw-backend-healthy: true
cache-control: public, max-age=11232000
accept-ranges: bytes
date: Tue, 07 Feb 2023 00:02:55 GMT
age: 2203724
vary: Accept-Encoding
content-length: 1713
X-Firefox-Spdy: h2

plausible.io/api/event

195.181.166.158

202 Accepted

2 B

URL HTTP/2
plausible.io/api/event
IP
195.181.166.158:0
ASN
#60068 Datacamp Limited

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /api/event HTTP/1.1
Host: plausible.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 127
Origin: https://temp-ldoigoxdmdzeuyikfkxf.webador.es
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 202 Accepted
date: Tue, 07 Feb 2023 00:02:55 GMT
content-type: text/plain; charset=utf-8
content-length: 2
server: BunnyCDN-SE1-725
cdn-pullzone: 682664
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestcountrycode: NO
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: must-revalidate, max-age=0, private
application: 10.0.0.8
permissions-policy: interest-cohort=()
x-request-id: F0Fh5aHwHMYjsNY4ILSE
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 202
cdn-cachedat: 02/07/2023 00:02:55
cdn-edgestorageid: 725
cdn-requestid: 5456017eeef8c386a42256ffbc2c68f7
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1675717742791&_since=%221666279968541%22

35.241.9.150

200 OK

76 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1675717742791&_since=%221666279968541%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65536), with no line terminators
Size
76 kB (75731 bytes)
Hash
b995a123c16167e34db1e15c69830e13
79aae0f5b0128d5619a8a345bce66705e83f1f00
aa6308675490332b54369e8ce73019a9c5f7a405efca8ca71e9be235307be265

HTTP Headers

GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1675717742791&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 75731
via: 1.1 google
date: Mon, 06 Feb 2023 23:29:10 GMT
age: 2025
last-modified: Mon, 06 Feb 2023 21:09:02 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

assets.jwwb.nl/assets/brand/webador/icon/favicon.png?bust=532fe2902564480b64d8

151.101.1.91

200 OK

3.2 kB

URL HTTP/2
assets.jwwb.nl/assets/brand/webador/icon/favicon.png?bust=532fe2902564480b64d8
IP
151.101.1.91:0
ASN
#54113 FASTLY

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
3.2 kB (3234 bytes)
Hash
532fe2902564480b64d881ff908e700d
ef25788e5d7eda04bb1df729d73e16d8227361c8
1cf65375bf5eb2144182098b7d31180477e8099b93a589633bc80ff5315f1ec0

HTTP Headers

GET /assets/brand/webador/icon/favicon.png?bust=532fe2902564480b64d8 HTTP/1.1
Host: assets.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 01 Dec 2021 16:00:41 GMT
etag: "532fe2902564480b64d881ff908e700d"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-jw-backend-healthy: true
cache-control: public, max-age=11232000
accept-ranges: bytes
date: Tue, 07 Feb 2023 00:02:55 GMT
age: 1813031
content-length: 3234
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
70d7e4cd91d9f630c160410d22c1cede
82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85
b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 00:02:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

216.239.38.178

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
216.239.38.178:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 06 Feb 2023 23:44:08 GMT
expires: Tue, 07 Feb 2023 01:44:08 GMT
cache-control: public, max-age=7200
age: 1127
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258

35.241.9.150

200 OK

681 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (681), with no line terminators
Size
681 B (681 bytes)
Hash
49248eff154dc4c57a2941a8ea08b148
f1c61090e04394494721aa17ddb4814293e66e89
674b33af069dc532553d499551583e97162232c880bb2f47bfe3787aeba2640c

HTTP Headers

GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 681
via: 1.1 google
date: Mon, 06 Feb 2023 23:40:19 GMT
age: 1356
last-modified: Mon, 06 Feb 2023 16:36:54 GMT
etag: "1675701414813"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
70d7e4cd91d9f630c160410d22c1cede
82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85
b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 00:02:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

plausible.io/js/script.manual.js

195.181.166.158

200 OK

16 kB

URL HTTP/2
plausible.io/js/script.manual.js
IP
195.181.166.158:0
ASN
#60068 Datacamp Limited

File type
ASCII text, with very long lines (1005), with no line terminators
Size
16 kB (15954 bytes)
Hash
38ecf38c057555970a2e3df7898c7d66
e374776f26dc995754b172704faad19da02efbb2
570c86cdcb3ba49c170aa8c80561361d9c05925b575250a491ae1ffc0c869579

HTTP Headers

GET /js/script.manual.js HTTP/1.1
Host: plausible.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 07 Feb 2023 00:02:54 GMT
content-type: application/javascript
server: BunnyCDN-SE1-725
cdn-pullzone: 682664
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=86400
application: 10.0.1.2
cross-origin-resource-policy: cross-origin
permissions-policy: interest-cohort=()
x-content-type-options: nosniff
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/06/2023 09:31:57
cdn-edgestorageid: 725
cdn-status: 200
cdn-requestid: 13143a4cafb5a8dd214f95d544b60d9a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

assets.jwwb.nl/assets/website-rendering/photoswipe.4554209f4935f8f690bb.js

151.101.1.91

200 OK

112 B

URL HTTP/2
assets.jwwb.nl/assets/website-rendering/photoswipe.4554209f4935f8f690bb.js
IP
151.101.1.91:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
ec0667e442882f141abf0bf766f4101c
296fd71e9b0e68b53f384e8e7fb53021dd14e7b4
79fe6be2cad5b38102ac93c66c6fbcdc1e507c140f0f37db08daa726a71ca2aa

HTTP Headers

GET /assets/website-rendering/photoswipe.4554209f4935f8f690bb.js HTTP/1.1
Host: assets.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 15 Nov 2021 10:21:31 GMT
etag: "ec0667e442882f141abf0bf766f4101c"
content-type: application/javascript
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
via: 1.1 varnish, 1.1 varnish
x-jw-backend-healthy: true
cache-control: public, max-age=11232000
accept-ranges: bytes
date: Tue, 07 Feb 2023 00:02:55 GMT
age: 602194
vary: X-Goog-Allowed-Resources, Accept-Encoding
content-length: 112
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675631138013&_since=%221662044085942%22

35.241.9.150

200 OK

5.3 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675631138013&_since=%221662044085942%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (5292), with no line terminators
Size
5.3 kB (5292 bytes)
Hash
69ea02f4bd722bc1dba315f6508bff04
8a38ddb4b244d88db76d399c1d1d4f0e83d2dcf0
729cb4ee47b66be659d748a3121de3fafe4918b74acff2c9a8a1dfc33c67373c

HTTP Headers

GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675631138013&_since=%221662044085942%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 5292
via: 1.1 google
date: Mon, 06 Feb 2023 23:10:08 GMT
age: 3167
last-modified: Sun, 05 Feb 2023 21:05:38 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22

35.241.9.150

200 OK

932 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (932), with no line terminators
Size
932 B (932 bytes)
Hash
22ad217b8542124e6c8821717559faf6
4330760a23c61ac654d088a592408e3b5c3b0bc5
a003887785e0e602be4c05929a584b7f3f1f79f27460e7eb35a4998663c5436b

HTTP Headers

GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 932
via: 1.1 google
date: Mon, 06 Feb 2023 23:48:42 GMT
age: 853
last-modified: Sun, 05 Feb 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22

35.241.9.150

200 OK

1.5 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1505), with no line terminators
Size
1.5 kB (1505 bytes)
Hash
5fbaf2b7815ccde4e006732f60cf45c3
358f788e1494eb1777de83a84aa1e831c6189ec9
d95422b3bbfa32ed668a90e5db3f3dd703e46d69e169e82a1e014b64b6b2d703

HTTP Headers

GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1505
via: 1.1 google
date: Mon, 06 Feb 2023 23:00:10 GMT
age: 3765
last-modified: Sat, 04 Feb 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1675468864323&_since=%221666483264567%22

35.241.9.150

200 OK

52 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1675468864323&_since=%221666483264567%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (52267), with no line terminators
Size
52 kB (52267 bytes)
Hash
06e189dc52881e7f5616b0214ff59542
16bd38b5d24dbc7fb6d44561cad597d6f555cf52
3b59d876391dc2db99e43edcffa3ed5a184468b0c937ef6293fc392ed7426df8

HTTP Headers

GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1675468864323&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 52267
via: 1.1 google
date: Mon, 06 Feb 2023 23:29:11 GMT
age: 2024
last-modified: Sat, 04 Feb 2023 00:01:04 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1674132577705&_since=%221657747510534%22

35.241.9.150

200 OK

2.1 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1674132577705&_since=%221657747510534%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (2144), with no line terminators
Size
2.1 kB (2144 bytes)
Hash
5cfd74fcbede0ee061689b95c597b11b
75d870f627cdc06f4cb7fa47751ae56c740da850
c68708f43d2bf28e3d619542c6fd7ab408f034a7f87de731ed11356efc4453eb

HTTP Headers

GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1674132577705&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2144
via: 1.1 google
date: Mon, 06 Feb 2023 23:11:01 GMT
age: 3114
last-modified: Thu, 02 Feb 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22

35.241.9.150

200 OK

22 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (22471), with no line terminators
Size
22 kB (22471 bytes)
Hash
86e5267005f7001a7a7fb7f25d7e02b9
67ea12312364541e026dfd85800ce5f4280601c5
9c469d6cd61cb4f4e3f06e980f86f3ee16cb4ec776ed105998810bcabbe12969

HTTP Headers

GET /v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 22471
via: 1.1 google
date: Mon, 06 Feb 2023 23:14:03 GMT
age: 2932
last-modified: Thu, 02 Feb 2023 15:52:59 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8816
Expires: Tue, 07 Feb 2023 02:29:51 GMT
Date: Tue, 07 Feb 2023 00:02:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8816
Expires: Tue, 07 Feb 2023 02:29:51 GMT
Date: Tue, 07 Feb 2023 00:02:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8816
Expires: Tue, 07 Feb 2023 02:29:51 GMT
Date: Tue, 07 Feb 2023 00:02:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8816
Expires: Tue, 07 Feb 2023 02:29:51 GMT
Date: Tue, 07 Feb 2023 00:02:55 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8ec9ce3-b686-41f5-8011-400eea8266d1.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8ec9ce3-b686-41f5-8011-400eea8266d1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10297 bytes)
Hash
bea82060b0cd156bf25493942ab62317
4182ba66cceb85c1e873ed5c72a86d53ab851b94
b77aaa7620aa77c7b73be04ad7c91af04f5e91393b3847928668bed644d68709

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8ec9ce3-b686-41f5-8011-400eea8266d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10297
x-amzn-requestid: e1dcfab3-4321-4c83-8ad2-5b6a1b948178
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77J0G-voAMFrfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1723e-33c2bc5c1f200cca7d7aa961;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6X7tm-1VoSJ0mm0sAsGfD4R-lnaCIUmy91BFZo72Idl1di8SabpEWw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:29 GMT
age: 7646
etag: "4182ba66cceb85c1e873ed5c72a86d53ab851b94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10788 bytes)
Hash
d29e7077f69b88a0108efeb7a2efe7e9
1958f83edeb8c6b68f17cead3fb5714f44e619eb
371f02a5b36ac3e52cc6c4e78f0980107a0f92105e79ee53278089ae5ff6de93

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10788
x-amzn-requestid: 8e1c8026-1eea-4eb0-810e-7ea43ed11f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyymWEsSoAMFykg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddcaf5-20fc23b535fa86f56a34fbae;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 03:03:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nb86Kj6pqD3DFzCeTNtTGNXsNfHLvu4kgYq6qmhu2Ygya462lBl0lg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 05:11:31 GMT
age: 67884
etag: "1958f83edeb8c6b68f17cead3fb5714f44e619eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13160 bytes)
Hash
003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwSN-ztVJgRfu3bFIjYaVYV8Cnx77j1ugkRjqhRtRXdPju7AhEMg-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 07:09:58 GMT
age: 60777
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F121b1de4-8f9a-42ce-aca5-9ff190235e9e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5584 bytes)
Hash
94a975a866d575be68f687fd81a36f5b
16f334adff0205badeb468d248f925504137782a
d550618f7c7e902ca0f4f57f8da3199b22063f242e0fa07f10fe6631b35e026b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F121b1de4-8f9a-42ce-aca5-9ff190235e9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5584
x-amzn-requestid: 130aa2ee-b175-4658-9c82-8f49944207dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpdejHeaIAMFYgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0f90-4f9c757a30af548878052b0d;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9URXL7tafn0kenWtzS1LRu2q0bgjM8ZC4NCS6L6MMPkvBqIHDOMugA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:15:10 GMT
age: 6465
etag: "16f334adff0205badeb468d248f925504137782a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6787 bytes)
Hash
d057038cd3164c40413a88f9b5c2af92
afbcb6617c7277ea42068c2aa1c8dcba02549873
ae03b42f1a5c3774e3ea569a886707a8a31da05a45bd971b829cf579be0ea6c7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6787
x-amzn-requestid: 15924d6a-68a3-414b-9e23-68d37291d4a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvyxSEjXIAMFT3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc9808-22daff920f5fe1201328ccee;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 05:13:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AOnXbzTBcVZ3quJx3NoNQC08Gk5_phyp8UiWCm6Dk4GPxl8FCaIC4w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 16:55:00 GMT
age: 25675
etag: "afbcb6617c7277ea42068c2aa1c8dcba02549873"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98179745-5078-472e-9610-33edd9a43956.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10188 bytes)
Hash
da137941b3b3ec5187780ff2bfaef328
29a8a1274d93a71bb356026b15b76ab48096163d
8260b49fa8fb9fb477072575eeb5fefd0b595b04db7840bca29d9f097f37ae9e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98179745-5078-472e-9610-33edd9a43956.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10188
x-amzn-requestid: e13ea99d-1fac-47c6-9e50-6ada36f9d25b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f5ZxwG_NoAMFzhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0700b-61d7fbd866fef9920e5ae3d4;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 03:12:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GZIsSc_3eY9FIp3n4mRSQjiCbYp2c9xnARr20iceFrXh-Bj0OvcZXg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 03:53:15 GMT
etag: "29a8a1274d93a71bb356026b15b76ab48096163d"
content-type: image/jpeg
age: 72580
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22

35.241.9.150

200 OK

1.7 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1742), with no line terminators
Size
1.7 kB (1742 bytes)
Hash
22092e301760ed865af6ece6eb04b1be
557b52e40ec2d8f2fe080580a1858c8666791bf2
12afba8f5929ab372e9cffbbe57e8bb562c60fc0a98b751c69de1adc04fb4aea

HTTP Headers

GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1742
via: 1.1 google
date: Mon, 06 Feb 2023 23:31:09 GMT
age: 1906
last-modified: Wed, 01 Feb 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22

35.241.9.150

200 OK

1.7 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Size
1.7 kB (1719 bytes)
Hash
91fc66b0cc0a6a614095f1a64df0ae3b
36d83cd4aac353d81990df94ac1e5466483ab145
fee8713249b5cc35e5a4bb521c3a645c8b2a0c927c8384b99cf4f3a046e5d316

HTTP Headers

GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Mon, 06 Feb 2023 23:45:50 GMT
age: 1025
last-modified: Tue, 31 Jan 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22

35.241.9.150

200 OK

1.3 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1250), with no line terminators
Size
1.3 kB (1250 bytes)
Hash
4b4dc2f2fa90e5157009acf4c7b1d589
ec64bb109dac848eafb80765cb510015c5d3ffd5
83ad9f7b27e6c7f20f257f0a3ff004ca69cfd0d4768222a51a655ac9ae139f6e

HTTP Headers

GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1250
via: 1.1 google
date: Mon, 06 Feb 2023 23:47:54 GMT
age: 901
last-modified: Tue, 31 Jan 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

detectportal.firefox.com/success.txt?ipv4

34.107.221.82

200 OK

8 B

URL HTTP/1.1
detectportal.firefox.com/success.txt?ipv4
IP
34.107.221.82:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
8 B (8 bytes)
Hash
ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

HTTP Headers

GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 06 Feb 2023 08:55:58 GMT
Age: 54417
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600

han.gl/YKWIQ

172.67.189.251

301 Moved Permanently

0 B

URL HTTP/2
han.gl/YKWIQ
IP
172.67.189.251:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Bancolombia
fortinet	Phishing

HTTP Headers

GET /YKWIQ HTTP/1.1
Host: han.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Tue, 07 Feb 2023 00:02:54 GMT
content-type: text/html; charset=UTF-8
location: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=e7rk2h7ll21023np39rd2v1l7a; path=/
short_2192457=1; expires=Tue, 07-Feb-2023 00:17:54 GMT; Max-Age=900; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LezChz7ZmpwecDlRR7tHE9DnLf0Y5Gv%2BNoi7wphaJbv1FrtIMC93Ddm2gEsgPWdZI4CoxD3MCd11BzIpOcX1bT281ap1Rrt9uIbI%2FA4CU3V5RGtQuedFoQU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7957dbfbea00b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

temp-ldoigoxdmdzeuyikfkxf.webador.es/

34.90.225.198

200 OK

0 B

URL HTTP/2
temp-ldoigoxdmdzeuyikfkxf.webador.es/
IP
34.90.225.198:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Bancolombia
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: temp-ldoigoxdmdzeuyikfkxf.webador.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 00:02:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
content-security-policy: frame-ancestors 'self';
set-cookie: JWSESSION=a4hfrj05jm54dekbsts50ntsu558tobh; path=/; secure; HttpOnly
JwStickySession=bHsys98cd9osAAy8DiVF6EYB1esjrbVq; Expires=Thu, 09-Mar-2023 00:02:54 GMT; Path=/; Secure; HttpOnly
cache-control: no-store, no-cache, must-revalidate, no-transform
x-ua-compatible: IE=Edge
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

www.webador.es/v2/unsafe-token/3091097

34.90.225.198

200 OK

0 B

URL HTTP/2
www.webador.es/v2/unsafe-token/3091097
IP
34.90.225.198:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v2/unsafe-token/3091097 HTTP/1.1
Host: www.webador.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://temp-ldoigoxdmdzeuyikfkxf.webador.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 00:02:54 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: JWSESSION=c1kb21gob9q43icd97raini3m1kec0da; path=/; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-robots-tag: noindex
content-security-policy: frame-ancestors 'self';
cache-control: no-store, no-cache, must-revalidate, no-transform
x-ua-compatible: IE=Edge
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL