Report - mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/?

Report Overview

Submitted URL
mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/?
IP
172.67.153.254
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-08 02:05:57
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	798 B	1.5 kB	142.250.74.10
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	43 kB	142.250.74.168
c0.wp.com	6988	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	37 kB	192.0.77.37
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	18 kB	34.120.237.76
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	21 kB	142.250.74.174
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
stats.wp.com	2711	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	345 B	14 kB	192.0.76.3
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.65
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.202.70.174
i0.wp.com	3021	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	13 kB	192.0.77.2
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	589 B	705 B	173.194.73.155
mediasaya.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	876 B	1.5 kB	104.21.12.252

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-08	medium	mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/?	Malware
2022-10-08	medium	mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/?	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files detected

URL
i0.wp.com/mediasaya.com/wp-content/uploads/2016/03/msPNGlogo.png?fit=192%2C192&ssl=1
IP
192.0.77.2
ASN
#2635 AUTOMATTIC

File type
gzip compressed data, max compression\012- data
Size
4.7 kB (4724 bytes)
Hash
8a7b60431b2c9cf477bfaf721098fb09
dcc4655d0ff0b03b6b5e35b2f5bd91eed35c523d
4d5b5af1f7466e709a8f44da36145126abfbd580b804f50de1c76ad870251913

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (14)

	URL	Size	First Seen	Last Seen
	c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js	90 kB	2023-03-07	2024-04-24
Pretty URL c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-24 15:15:44 Times Seen31813 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	c0.wp.com/p/jetpack/11.3.2/_inc/build/photon/photon.min.js	685 B	2023-03-07	2024-04-15
Pretty URL c0.wp.com/p/jetpack/11.3.2/_inc/build/photon/photon.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:05 Last Seen2024-04-15 22:34:30 Times Seen3122 Hash 24626ac4453bf45fe07e6c5d4e859fbd 9adbe5e7a5e1b5fb19aee82a9d765631b62ecb2f 5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07 Loading...

	mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/?	735 B	2023-03-08	2023-03-08
Pretty URL mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/? IP 104.21.12.252 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:55:34 Last Seen2023-03-08 08:55:34 Times Seen1 Hash 9ad044f310d9010f2687c716ecb36238 1ec51edee35b0b30e97e5bf939a4f8b8a7cc44ae a27b3bc0b0b76f5b27680e52ce9ea63400f2ad8869a71342b15507cb27a1b94b Loading...

	mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/?	260 B	2023-03-07	2024-04-24
Pretty URL mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/? IP 104.21.12.252 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-04-24 13:49:24 Times Seen2518 Hash 9b78b28b396646badfc6017235ee4be9 18103240bf0cb760cdf7febc628b56b8fca44319 215f517010a20f2f4c55d34dd3c574568bd0fb83662f0b915ddb6561f97c3904 Loading...

	mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/?	1.2 kB	2023-03-08	2023-03-08
Pretty URL mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/? IP 104.21.12.252 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:55:34 Last Seen2023-03-08 08:55:34 Times Seen1 Hash 22fefd8c83ab233623105c6b0c2c8afd 99bab9964fee2d11734be395c69d400d9e46372e ebc0e02dfdb28cd924faea40488625fe70af6631f0cbc635fc1aa09efd234fa7 Loading...

	mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/?	183 B	2023-03-08	2023-03-08
Pretty URL mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/? IP 104.21.12.252 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:00:59 Last Seen2023-03-08 08:55:34 Times Seen1 Hash ef520f1f46d418ad422c077d7507b56d ee0b12f84fe9b3e429f8982777d988930af21944 d09c3e10a47b0d1ca1c58b3723db184e0887c73a4ecc3fee8fa7b32d73679b20 Loading...

	mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/?	93 B	2023-03-07	2024-04-18
Pretty URL mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/? IP 104.21.12.252 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-04-18 19:01:07 Times Seen2163 Hash c03c9cc1e344405e735bf829da247217 bc97ee9e7b1b2bfcab8c829f606123c3a3e8e43b 4ea908eff28d9dddcfa4076dc80b085635e0135606fbdca7695b8e346c3ed0ff Loading...

	mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/?	155 B	2023-03-08	2023-03-08
Pretty URL mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/? IP 104.21.12.252 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:00:59 Last Seen2023-03-08 08:55:34 Times Seen1 Hash 84cd0b40399fdb170091905f12b927c5 47e4bd63a89ee6dcefe8033652c055be1ec239fd 46583525bead972d59b1d44151d380c3e3b2cc0787b2bfde2b9033cb4c27b52b Loading...

	www.googletagmanager.com/gtag/js?id=UA-17733359-11	109 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-17733359-11 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:55:34 Last Seen2023-03-08 08:55:34 Times Seen1 Hash 2779580644b10f9296ede69850b0e010 f5c66c0d50aeff7338c2ce28cbc61a123445e3f3 2359860aea8a022bfcb6f8e11534e313457f5a7c3ff2faace4f13dcb7d21a998 Loading...

	stats.wp.com/e-202240.js	9.0 kB	2023-03-07	2024-01-05
Pretty URL stats.wp.com/e-202240.js IP 192.0.76.3 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-01-05 09:08:33 Times Seen3233 Hash 9152c169155daa333287728cb8e4ae93 1e45a9ea1464acf983f022567cb9f669f4c77f65 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Loading...

	mediasaya.com/wp-content/cache/wpo-minify/1664818281/assets/wpo-minify-header-8a7b0ed9.min.js	40 kB	2023-03-08	2023-03-08
Pretty URL mediasaya.com/wp-content/cache/wpo-minify/1664818281/assets/wpo-minify-header-8a7b0ed9.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:00:59 Last Seen2023-03-08 08:55:34 Times Seen1 Hash 7b0f9de82a60271502c5ed329a8df2cc 449e05ba9c22f63ab089cbe0f99827d157e377d8 bd13e033794520665b7357e988d57e0601da0f182f8498ca2cfc5d9d561d12cd Loading...

	c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js	11 kB	2023-03-07	2024-04-24
Pretty URL c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-24 15:15:44 Times Seen68590 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	mediasaya.com/wp-content/cache/wpo-minify/1664818281/assets/wpo-minify-footer-f4f73a42.min.js	27 kB	2023-03-08	2023-03-08
Pretty URL mediasaya.com/wp-content/cache/wpo-minify/1664818281/assets/wpo-minify-footer-f4f73a42.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:00:59 Last Seen2023-03-08 08:55:34 Times Seen1 Hash 9a081edae9210f97b585772001f861a3 16aee185b17dc4cf9b88e952560e6eb3758ba6bc 73fef8941ef381e01b582ed3cdbb7c13b8479f9d33bc09925c4283d2756a408d Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

HTTP Transactions (35)

URL IP Response Size

mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/?

104.21.12.252

301 Moved Permanently

0 B

URL HTTP/1.1
mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/?
IP
104.21.12.252:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/? HTTP/1.1
Host: mediasaya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 08 Oct 2022 02:05:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 08 Oct 2022 03:05:46 GMT
Location: https://mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/?
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92D3lmIGaSBszpgrqjx1uJtHBjglR%2FwJomyvDV%2FRpzAUrKRcOJ41dVgn1PFMwx2I2Y7lAQ5nESDu%2B8rrhYRuAHrwKk6dsh0KdJ%2FVuNf9Yp2qhVhT1Urn2BwTdvtgkzB2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756b503ceb310b69-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

54.230.111.65

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DDFDHJs3uce-oWx6gYYiEGdKFvdigwUUAU_yZLtMbAVvO0OXObyRmA==
Age: 209908

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cf768e41672570b0a4a9fe86045915fc
2249064a86b2ba11e28208b9fba1c9f1db4f3e9e
a049499f78078df12f4d1c5180f1f36715a5c99db4f31c18ee06bcf0b6382b30

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A049499F78078DF12F4D1C5180F1F36715A5C99DB4F31C18EE06BCF0B6382B30"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9332
Expires: Sat, 08 Oct 2022 04:41:18 GMT
Date: Sat, 08 Oct 2022 02:05:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3817
Expires: Sat, 08 Oct 2022 03:09:23 GMT
Date: Sat, 08 Oct 2022 02:05:46 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: a9supR0Tsja79IzaUdKTAD0By/Hhr9IfQVL56eXZf6rNKryIbWuDKn+UaRAeoVhcurHUIp6yVAWQGOmM+9nQyA==
x-amz-request-id: A4NB34VKES5BSXE6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 08 Oct 2022 01:59:24 GMT
age: 382
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 02:05:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.65

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 08 Oct 2022 01:29:41 GMT
Expires: Sat, 08 Oct 2022 02:22:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0qEqBVxKMwiOylvTSSKFoQTeuRza4gXAMbR8YeuJ2OEjnaqShH5Cfw==
Age: 2166

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2767
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 02:05:47 GMT
Last-Modified: Sat, 08 Oct 2022 01:19:40 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.202.70.174

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.202.70.174:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yyDr6aCGHj+ZeSQJBk1G+g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tPIe1Hx/EzpL0Fus8n17nX47lFo=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
00776157dc98913405595c4b126e9ee2
8ee3950fa60340b03e0c53c8e5e07d18321a69f0
daa313ad6f0cb705d8a4fdb55aa65ffd6c1695326409c2ccf378e3c7e36de35c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 02:05:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-17733359-11

142.250.74.168

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-17733359-11
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2039)
Size
42 kB (42344 bytes)
Hash
1eb7542383a5af4cc3c5ffe1a715b1a9
75b8ccdc2b4e2ef7303fc4211f6617f99cce44ea
4442264c1b92bf909001356c42de93294ad141fdb94f7af9f9e1e987ceedfbac

HTTP Headers

GET /gtag/js?id=UA-17733359-11 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasaya.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 08 Oct 2022 02:05:48 GMT
expires: Sat, 08 Oct 2022 02:05:48 GMT
cache-control: private, max-age=900
last-modified: Sat, 08 Oct 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42344
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
00776157dc98913405595c4b126e9ee2
8ee3950fa60340b03e0c53c8e5e07d18321a69f0
daa313ad6f0cb705d8a4fdb55aa65ffd6c1695326409c2ccf378e3c7e36de35c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 02:05:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1d13c38762edee3ea0af663f3e4553be
894a45402ded63c20b5062b2aae8b3894be80996
781d3684b9efe9d34182e7a740c759749a80c085576681bd5077d342e4448ae0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 02:05:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6592
Expires: Sat, 08 Oct 2022 03:55:40 GMT
Date: Sat, 08 Oct 2022 02:05:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6592
Expires: Sat, 08 Oct 2022 03:55:40 GMT
Date: Sat, 08 Oct 2022 02:05:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6592
Expires: Sat, 08 Oct 2022 03:55:40 GMT
Date: Sat, 08 Oct 2022 02:05:48 GMT
Connection: keep-alive

c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css

192.0.77.37

200 OK

7.2 kB

URL HTTP/2
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (4186), with no line terminators
Size
7.2 kB (7179 bytes)
Hash
a24ed930738d54e0d420ee23c168983e
f1e483ddd1f084973c9bc273e65881d1d0dea609
8b01506b0f11d27dc7c986b29d7197884c2afac432ce654690d4115c9d1d6de3

HTTP Headers

GET /c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasaya.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 02:05:48 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Sun, 08 Oct 2023 02:05:48 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10987 bytes)
Hash
53b7ffdc3799e0ac7a225145242579ef
c47f0525fe5354ee13fe63c0ec31f0f826a58005
4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: JYDg0-KelCPr__4bKtpARLrwiE1CHGICcFI6I9_TFCMcmESbykNhXQ==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 22:08:50 GMT
age: 14218
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

stats.wp.com/e-202240.js

192.0.76.3

200 OK

13 kB

URL HTTP/2
stats.wp.com/e-202240.js
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (2690)
Size
13 kB (13289 bytes)
Hash
48ddb0e7464bd25ff8b923baf0b5d905
f84f00164858b9480e1b092809a278949ac36b69
a6c247219a9292c02ad17eaa1cf4fb47d59242b3c42462cb8711e613013ef8f8

HTTP Headers

GET /e-202240.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasaya.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 02:05:48 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 25 Sep 2023 06:12:14 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2

c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js

192.0.77.37

200 OK

16 kB

URL HTTP/2
c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (11126)
Size
16 kB (15851 bytes)
Hash
49ebb1ccb24a8177a1922ec5fab43b4b
29fc4a026520e095c819a54dbe53ed92d3b1f7fd
a110405f186208b32d4c19ae47ae27f05790774e22605d003d60c9e010f9fbfc

HTTP Headers

GET /c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasaya.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 02:05:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Sun, 08 Oct 2023 02:05:48 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56d7dd70-3706-4d51-94da-88fa19a58ad8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5185 bytes)
Hash
e5c4757ceb6dce32d0f9d26d5b3df038
d8209d82f61c7a09e00756e5dd32c99bc61af4a8
6aa007279ba4cdea3f772e0601e4082d40ee947ef8cc1201ce0009fb42ca9885

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56d7dd70-3706-4d51-94da-88fa19a58ad8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3c3ff89f-8a8c-44ae-981a-0e9adaf7d959
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zj_dSEs8IAMFqFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e45ee-6c97b82d137c2f1951270b82;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 03:05:18 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -7rVFMBT_fVlJgzvfdqaTs-4ngjAZC51W0axkB6lAT9gRN8pLRxDJA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 f62c9ca47e35df5c65764381977823a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 04:26:43 GMT
age: 77945
etag: "d8209d82f61c7a09e00756e5dd32c99bc61af4a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

192.0.77.37

200 OK

11 kB

URL HTTP/2
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (11256), with no line terminators
Size
11 kB (11023 bytes)
Hash
9ed80882ac5a14d3d5b849d559843071
0b468ed986a2688f3b9f0f9a923c5344ddec0364
35e1d418ad226d0c7d21f1fc61bf77a139326f45f55b5aeb4a6373a4d2e202e1

HTTP Headers

GET /c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasaya.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 02:05:48 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Sun, 08 Oct 2023 02:05:48 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1d13c38762edee3ea0af663f3e4553be
894a45402ded63c20b5062b2aae8b3894be80996
781d3684b9efe9d34182e7a740c759749a80c085576681bd5077d342e4448ae0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 02:05:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i0.wp.com/mediasaya.com/wp-content/uploads/2018/08/Mediasaya-logo.png?fit=240%2C65&ssl=1

192.0.77.2

200 OK

5.8 kB

URL HTTP/2
i0.wp.com/mediasaya.com/wp-content/uploads/2018/08/Mediasaya-logo.png?fit=240%2C65&ssl=1
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.8 kB (5764 bytes)
Hash
b44fa5ace74ece604daee8841e97908d
a202866989f90703e68fb32c94ff2c0732003379
0813eefd93b0650d4da1e7c9b26d9cd2f3d4418c82da9b7bc935977a1f72198d

HTTP Headers

GET /mediasaya.com/wp-content/uploads/2018/08/Mediasaya-logo.png?fit=240%2C65&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasaya.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 02:05:49 GMT
content-type: image/webp
content-length: 5764
last-modified: Sat, 08 Oct 2022 02:05:49 GMT
expires: Mon, 07 Oct 2024 14:05:49 GMT
cache-control: public, max-age=63115200
link: <https://mediasaya.com/wp-content/uploads/2018/08/Mediasaya-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "797a5bf4440a4db3"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,0,3001,3000,4001,4000,6001,6000,7001,7000,8001,800&family=Droid+Serif:ital,wght@0,0,4001,4000,7001,700&family=Montserrat:ital,wght@0,0,3000,4000,5000,6000,700&family=Nunito:ital,wght@0,0,2001,2000,3001,3000,4001,4000,6001,6000,7001,7000,8001,8000,9001,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&family=Droid+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap

142.250.74.10

400 Bad Request

838 B

URL HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,0,3001,3000,4001,4000,6001,6000,7001,7000,8001,800&family=Droid+Serif:ital,wght@0,0,4001,4000,7001,700&family=Montserrat:ital,wght@0,0,3000,4000,5000,6000,700&family=Nunito:ital,wght@0,0,2001,2000,3001,3000,4001,4000,6001,6000,7001,7000,8001,8000,9001,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&family=Droid+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
838 B (838 bytes)
Hash
4b4a6ec44f1c019ccf9a8a5b15cc0cee
45b0f49195d79743840b4f516bd561d568740ebb
8e4575cff5d66f890e15fbfd252fe0d3c3e7a6c144047572f15fcde32cfdf101

HTTP Headers

GET /css2?family=Open+Sans:ital,wght@0,0,3001,3000,4001,4000,6001,6000,7001,7000,8001,800&family=Droid+Serif:ital,wght@0,0,4001,4000,7001,700&family=Montserrat:ital,wght@0,0,3000,4000,5000,6000,700&family=Nunito:ital,wght@0,0,2001,2000,3001,3000,4001,4000,6001,6000,7001,7000,8001,8000,9001,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&family=Droid+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasaya.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 400 Bad Request
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 08 Oct 2022 02:05:48 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i0.wp.com/mediasaya.com/wp-content/uploads/2016/03/msPNGlogo.png?fit=192%2C192&ssl=1

192.0.77.2

200 OK

4.7 kB

URL HTTP/2
i0.wp.com/mediasaya.com/wp-content/uploads/2016/03/msPNGlogo.png?fit=192%2C192&ssl=1
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
gzip compressed data, max compression\012- data
Size
4.7 kB (4724 bytes)
Hash
8a7b60431b2c9cf477bfaf721098fb09
dcc4655d0ff0b03b6b5e35b2f5bd91eed35c523d
4d5b5af1f7466e709a8f44da36145126abfbd580b804f50de1c76ad870251913

HTTP Headers

GET /mediasaya.com/wp-content/uploads/2016/03/msPNGlogo.png?fit=192%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasaya.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 02:05:50 GMT
content-type: image/webp
content-length: 3936
last-modified: Fri, 30 Sep 2022 23:56:50 GMT
expires: Mon, 30 Sep 2024 11:56:50 GMT
cache-control: public, max-age=63115200
link: <https://mediasaya.com/wp-content/uploads/2016/03/msPNGlogo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "613c700b60dd4f36"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasaya.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 08 Oct 2022 00:41:09 GMT
expires: Sat, 08 Oct 2022 02:41:09 GMT
cache-control: public, max-age=7200
age: 5081
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i0.wp.com/mediasaya.com/wp-content/uploads/2016/03/msPNGlogo.png?fit=32%2C32&ssl=1

192.0.77.2

200 OK

492 B

URL HTTP/2
i0.wp.com/mediasaya.com/wp-content/uploads/2016/03/msPNGlogo.png?fit=32%2C32&ssl=1
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
492 B (492 bytes)
Hash
30c06c47d9329326561a741056aec646
cf4a482c102953f56f7d1fd659a206470ea2e2bb
dfac50b5fef42c702b750a6291dc3bca3c7e8b5879a24f8de9ed2d0f2f54957c

HTTP Headers

GET /mediasaya.com/wp-content/uploads/2016/03/msPNGlogo.png?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasaya.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 02:05:50 GMT
content-type: image/webp
content-length: 492
last-modified: Sat, 08 Oct 2022 02:05:50 GMT
expires: Mon, 07 Oct 2024 14:05:50 GMT
cache-control: public, max-age=63115200
link: <https://mediasaya.com/wp-content/uploads/2016/03/msPNGlogo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "e86e8073d6efd425"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 02:05:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-17733359-11&cid=972184007.1665194751&jid=1119432094&gjid=1786649369&_gid=853116596.1665194751&_u=YEBAAUAAAAAAACAAI~&z=393193642

173.194.73.155

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-17733359-11&cid=972184007.1665194751&jid=1119432094&gjid=1786649369&_gid=853116596.1665194751&_u=YEBAAUAAAAAAACAAI~&z=393193642
IP
173.194.73.155:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-17733359-11&cid=972184007.1665194751&jid=1119432094&gjid=1786649369&_gid=853116596.1665194751&_u=YEBAAUAAAAAAACAAI~&z=393193642 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://mediasaya.com
Connection: keep-alive
Referer: https://mediasaya.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://mediasaya.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 08 Oct 2022 02:05:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 02:05:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/?

172.67.153.254

404 Not Found

0 B

URL HTTP/2
mediasaya.com/intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/?
IP
172.67.153.254:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /intencasanpaolo/fac12282ec4d1985f5e0f560581d4da0/login/? HTTP/1.1
Host: mediasaya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
date: Sat, 08 Oct 2022 02:05:48 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-ua-compatible: IE=edge
link: <https://mediasaya.com/wp-json/>; rel="https://api.w.org/"
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40yXtJrDca1oqT4BI%2Fhuv2OlE%2BH3ZiPO%2Fodw%2BVAzxL2bMd%2F3eHiE%2BYctoifmMttfUbD2eE0RKwMqdmwFO%2FjqRSl7YJOnAdemeaUZ4LexmriWcD3kwF4ugvbHauMFXRlD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 756b503eca291c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

c0.wp.com/c/6.0.2/wp-includes/css/dist/block-library/style.min.css

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/c/6.0.2/wp-includes/css/dist/block-library/style.min.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/6.0.2/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasaya.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 02:05:48 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
content-encoding: br
expires: Sun, 08 Oct 2023 02:05:48 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

c0.wp.com/p/jetpack/11.3.2/_inc/build/photon/photon.min.js

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/p/jetpack/11.3.2/_inc/build/photon/photon.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /p/jetpack/11.3.2/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasaya.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 02:05:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Sun, 08 Oct 2023 02:05:48 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

c0.wp.com/p/jetpack/11.3.2/css/jetpack.css

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/p/jetpack/11.3.2/css/jetpack.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /p/jetpack/11.3.2/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasaya.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 02:05:48 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 22 Sep 2022 16:22:40 GMT
content-encoding: br
expires: Sun, 08 Oct 2023 02:05:48 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML