urlquery - report: rbfcu2.web.app/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
ocsp.sca1b.amazontrust.com (2)	1015	2017-03-03 15:20:51 UTC	2019-03-27 04:05:54 UTC	216.137.34.29
mike555.herokuapp.com (2)	0	2022-09-20 22:26:48 UTC	2022-09-23 12:54:52 UTC	54.224.34.30	Unknown ranking
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-09-23 12:37:00 UTC	34.120.237.76
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-09-23 04:49:01 UTC	108.156.28.102
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-09-23 04:33:41 UTC	34.117.237.239
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2022-09-23 13:41:12 UTC	93.184.220.29
ocsp.pki.goog (1)	175	2017-06-14 07:23:31 UTC	2022-09-23 04:33:33 UTC	142.250.74.3
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-09-23 05:02:25 UTC	52.42.74.230
geolocation-db.com (1)	237326	2019-10-31 01:19:14 UTC	2022-09-23 18:10:21 UTC	159.89.102.253
rbfcu2.web.app (2)	0	2022-09-22 23:21:06 UTC	2022-09-23 12:54:53 UTC	199.36.158.100	Unknown ranking
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-09-23 16:32:04 UTC	18.165.201.83
r3.o.lencr.org (6)	344	2020-12-02 08:52:13 UTC	2022-09-23 04:34:39 UTC	23.36.77.32

Scan Date	Severity	Indicator	Comment
2022-09-23	2	rbfcu2.web.app/	RBFCU
2022-09-23	2	rbfcu2.web.app/	RBFCU

Scan Date	Severity	Indicator	Comment
2022-09-23	2	rbfcu2.web.app/	Phishing
2022-09-23	2	rbfcu2.web.app/	Phishing

Date	UQ / IDS / BL	URL	IP
2023-03-25 23:32:49 +0000	0 - 0 - 6	wait-and-see-approach.web.app/	199.36.158.100
2023-03-25 23:30:30 +0000	0 - 0 - 6	wait-and-see-approach.firebaseapp.com/	199.36.158.100
2023-03-25 23:18:53 +0000	0 - 1 - 0	gotomoonron.firebaseapp.com/eyv0urdz92	199.36.158.100
2023-03-25 19:02:44 +0000	0 - 0 - 0	forms.gle/4wvnHAdrHqCu31uT6	199.36.158.100
2023-03-25 18:11:55 +0000	0 - 1 - 2	ebanking-ch3-ubs-a3ab0.web.app/login.html?ses (...)	199.36.158.100

Date	UQ / IDS / BL	URL	IP
2023-03-25 23:32:49 +0000	0 - 0 - 6	wait-and-see-approach.web.app/	199.36.158.100
2023-03-25 23:30:30 +0000	0 - 0 - 6	wait-and-see-approach.firebaseapp.com/	199.36.158.100
2023-03-25 23:18:53 +0000	0 - 1 - 0	gotomoonron.firebaseapp.com/eyv0urdz92	199.36.158.100
2023-03-25 23:07:31 +0000	0 - 1 - 0	desktop.githubusercontent.com/github-desktop/ (...)	185.199.110.133
2023-03-25 23:03:47 +0000	0 - 1 - 0	raw.githubusercontent.com/softerar/soft/main/9.exe	185.199.108.133

Date	UQ / IDS / BL	URL	IP
2022-09-23 20:46:37 +0000	0 - 0 - 4	rbfcu2.web.app/	199.36.158.100
2022-09-23 12:54:52 +0000	0 - 0 - 4	rbfcu2.web.app/	199.36.158.100

Date	UQ / IDS / BL	URL	IP
2022-09-20 22:26:58 +0000	0 - 0 - 2	rbfcu-1.web.app/	199.36.158.100
2022-09-23 20:47:41 +0000	0 - 0 - 4	rbfcu-bank4.web.app/	199.36.158.100

Request	Response
GET / HTTP/1.1 Host: rbfcu2.web.app User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: rbfcu2.web.app/ FQDN: rbfcu2.web.app IP: 199.36.158.100 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 199.36.158.100 HTTP/1.1 301 Moved Permanently Server: Varnish Retry-After: 0 Location: https://rbfcu2.web.app/ Content-Length: 0 Accept-Ranges: bytes Date: Fri, 23 Sep 2022 20:46:26 GMT Connection: close X-Served-By: cache-bma1654-BMA X-Cache: HIT X-Cache-Hits: 0 X-Timer: S1663965987.875920,VS0,VE0 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - openphish: RBFCU - fortinet: Phishing
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 18.165.201.83 HASH: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551 18.165.201.83 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert Cache-Control: max-age=3600 Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Fri, 23 Sep 2022 20:05:14 GMT X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 182a59e089d675b68d266c3e1c14253c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: LHR50-P3 X-Amz-Cf-Id: 8Oe2KSd91MRvxH_Vb1u-2r7pqbeylwZ08VE-R_BShtBwXA4ZL7xkKw== Age: 2471 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 2d12f67fe57a87e7366b662d153a5582 Sha1: d7b02d81cc74f24a251d9363e0f4b0a149264ec1 Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80" Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12922 Expires: Sat, 24 Sep 2022 00:21:49 GMT Date: Fri, 23 Sep 2022 20:46:27 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 09a973de929ab7452edc342c780d3668 Sha1: 3f14f6e0a36f76863c0aea6fb561c266404a7ea3 Sha256: e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
GET / HTTP/1.1 Host: rbfcu2.web.app User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: rbfcu2.web.app/ FQDN: rbfcu2.web.app IP: 199.36.158.100 HASH: d27af4dd00f0232e15a5fefd948f42f3654adb7ceee7ddb74a7b51825aa8c7a8 199.36.158.100 HTTP/2 200 OK content-type: text/html; charset=utf-8 cache-control: max-age=3600 content-encoding: br etag: "4ac3c284fa3aedd653b553f394a77eb53369cd7b98ba6767b07eaa538c95a0c8-br" last-modified: Fri, 16 Sep 2022 23:03:49 GMT strict-transport-security: max-age=31556926; includeSubDomains; preload accept-ranges: bytes date: Fri, 23 Sep 2022 20:46:27 GMT x-served-by: cache-bma1679-BMA x-cache: HIT x-cache-hits: 1 x-timer: S1663965987.077034,VS0,VE1 vary: x-fh-requested-host, accept-encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length: 253 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (666), with no line terminators Size: 253 Md5: 7a6146b32ef1de8507e90b544ff1920a Sha1: 6e24d66c2de4cabd25fcd546484f087b2f5ba8af Sha256: d27af4dd00f0232e15a5fefd948f42f3654adb7ceee7ddb74a7b51825aa8c7a8 Alerts: Blocklists: - openphish: RBFCU - fortinet: Phishing
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 108.156.28.102 HASH: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770 108.156.28.102 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sat, 10 Sep 2022 18:47:45 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Fri, 23 Sep 2022 04:13:03 GMT etag: "6113f8408c59aebe188d6af273b90743" x-cache: Hit from cloudfront via: 1.1 cdd8daeefcf66738f6e908663e79c33e.cloudfront.net (CloudFront) x-amz-cf-pop: LHR50-P1 x-amz-cf-id: iHgcpob2HVZgmFonJu51fzS2E0S_PB53kweOwFUji_t4UyWWKXi1YQ== age: 59605 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 6113f8408c59aebe188d6af273b90743 Sha1: 7398873bf00f99944eaa77ad3ebc0d43c23dba6b Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
POST /s/gts1d4int/7ZBQLSBvJ5A HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1d4int/7ZBQLSBvJ5A FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: dd490def6c2df4984ca973f99ebe144d6fb8a5a6cfb5203af2215d3a5120d6a8 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 23 Sep 2022 20:46:27 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 2384caf4a588b4886e6dbf7f424df49a Sha1: 7d9cd924ff877a2ef21344691a1dd59f5ef11a29 Sha256: dd490def6c2df4984ca973f99ebe144d6fb8a5a6cfb5203af2215d3a5120d6a8
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Fri, 23 Sep 2022 20:46:27 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 8a0308bb9c1c9f98de773d2953af4c1e44c581c420c1939325f2f95c908de832 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8A0308BB9C1C9F98DE773D2953AF4C1E44C581C420C1939325F2F95C908DE832" Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2500 Expires: Fri, 23 Sep 2022 21:28:07 GMT Date: Fri, 23 Sep 2022 20:46:27 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 32210a477704ae2bb53bd0fc69b400ce Sha1: 7ed359c6fe9dd64712914186bb52d147214cbf25 Sha256: 8a0308bb9c1c9f98de773d2953af4c1e44c581c420c1939325f2f95c908de832
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 18.165.201.83 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 18.165.201.83 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Fri, 23 Sep 2022 20:33:06 GMT Cache-Control: max-age=3600, max-age=3600 Expires: Fri, 23 Sep 2022 21:30:01 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 182a59e089d675b68d266c3e1c14253c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: LHR50-P3 X-Amz-Cf-Id: 5ZSGp4ZVjOVaygDlO35GHN7hOUOjvGFVZOlgaVgWb-9Usav9ON7guA== Age: 807 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3552 Cache-Control: 'max-age=158059' Date: Fri, 23 Sep 2022 20:46:27 GMT Last-Modified: Fri, 23 Sep 2022 19:47:15 GMT Server: ECS (ska/F70E) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: f714931cf870bfa33815fd259b7246fd Sha1: 38e411ef8ca1b31ead8415ee5f21d98bd9653a86 Sha256: 897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 216.137.34.29 HASH: ca2e1d30d2b83c401d71f8187e64a010de38003fb96fa2c737dbc54a9a8137fa 216.137.34.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Fri, 23 Sep 2022 20:46:27 GMT Last-Modified: Fri, 23 Sep 2022 19:42:27 GMT Server: ECS (nyb/1D12) X-Cache: Miss from cloudfront Via: 1.1 c79c2a81ac4d9188a11e797e452b6892.cloudfront.net (CloudFront) X-Amz-Cf-Pop: LHR61-P2 X-Amz-Cf-Id: KYMKE8muYKHVvLkIOWW8ZFsJOcSGVgsZL-DhMb7b9GcKy3n3qD1EVw== Age: 3840 --- Additional Info --- Magic: data Size: 471 Md5: bbde55290285cf77bb46f5e40a3a6bed Sha1: 54a2751585e67d0033630474edd2fa79457c5acc Sha256: ca2e1d30d2b83c401d71f8187e64a010de38003fb96fa2c737dbc54a9a8137fa
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 216.137.34.29 HASH: ca2e1d30d2b83c401d71f8187e64a010de38003fb96fa2c737dbc54a9a8137fa 216.137.34.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Fri, 23 Sep 2022 20:46:27 GMT Last-Modified: Fri, 23 Sep 2022 19:49:12 GMT Server: ECS (nyb/1D18) X-Cache: Miss from cloudfront Via: 1.1 2d58292dbdc9e6483e90b0792b8c3584.cloudfront.net (CloudFront) X-Amz-Cf-Pop: LHR61-P2 X-Amz-Cf-Id: umkFiFaS6L8LIs5p_okwoYv4Kc6ErepfYcDciBQwxtW2G94rjhWQLQ== Age: 3435 --- Additional Info --- Magic: data Size: 471 Md5: bbde55290285cf77bb46f5e40a3a6bed Sha1: 54a2751585e67d0033630474edd2fa79457c5acc Sha256: ca2e1d30d2b83c401d71f8187e64a010de38003fb96fa2c737dbc54a9a8137fa
OPTIONS /count HTTP/1.1 Host: mike555.herokuapp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://rbfcu2.web.app/ Origin: https://rbfcu2.web.app Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: mike555.herokuapp.com/count FQDN: mike555.herokuapp.com IP: 54.224.34.30 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.224.34.30 HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Connection: keep-alive Server: gunicorn Date: Fri, 23 Sep 2022 20:46:27 GMT Allow: GET, POST, OPTIONS, HEAD Access-Control-Allow-Origin: https://rbfcu2.web.app Access-Control-Allow-Headers: content-type Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT Vary: Origin Content-Length: 0 Via: 1.1 vegur --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /count HTTP/1.1 Host: mike555.herokuapp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 21 Origin: https://rbfcu2.web.app Connection: keep-alive Referer: https://rbfcu2.web.app/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: mike555.herokuapp.com/count FQDN: mike555.herokuapp.com IP: 54.224.34.30 HASH: d4ef76e99cc04d86733d972cd62c5757cdf9e1e55a0a5f2e661fc27fd3dccbcc 54.224.34.30 HTTP/1.1 200 OK Content-Type: application/json Connection: keep-alive Server: gunicorn Date: Fri, 23 Sep 2022 20:46:28 GMT Content-Length: 35 Access-Control-Allow-Origin: https://rbfcu2.web.app Vary: Origin Via: 1.1 vegur --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 35 Md5: d6f719794e32dae45090c2346e1febc0 Sha1: 87d9fbfc506e4bc87134ae397888ebe0d0aa7a2a Sha256: d4ef76e99cc04d86733d972cd62c5757cdf9e1e55a0a5f2e661fc27fd3dccbcc
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: qOu25biUFTLzdPacNFS7zg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.42.74.230 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.42.74.230 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: htKY7YYNTROfyfzXdXFxIl6q1mo= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9437 Expires: Fri, 23 Sep 2022 23:23:46 GMT Date: Fri, 23 Sep 2022 20:46:29 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7038cca95198779d8bb479045eb56652 Sha1: e9dcf9451e849f4d55b0909b33a51bd0b1a35296 Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9437 Expires: Fri, 23 Sep 2022 23:23:46 GMT Date: Fri, 23 Sep 2022 20:46:29 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7038cca95198779d8bb479045eb56652 Sha1: e9dcf9451e849f4d55b0909b33a51bd0b1a35296 Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9437 Expires: Fri, 23 Sep 2022 23:23:46 GMT Date: Fri, 23 Sep 2022 20:46:29 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7038cca95198779d8bb479045eb56652 Sha1: e9dcf9451e849f4d55b0909b33a51bd0b1a35296 Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9437 Expires: Fri, 23 Sep 2022 23:23:46 GMT Date: Fri, 23 Sep 2022 20:46:29 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7038cca95198779d8bb479045eb56652 Sha1: e9dcf9451e849f4d55b0909b33a51bd0b1a35296 Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8497 x-amzn-requestid: 8543ac70-48ab-4523-856f-5d5fa1191c97 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Yin-pEryoAMFTfQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6324205d-660bba3f655f940d143bc437;Sampled=0 x-amzn-remapped-date: Fri, 16 Sep 2022 07:06:05 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: e9KUFhjuFMzjuh37rFiNKaMNVaGZwPGBkLrv0zgfSTT7dCIuWj4G9Q== via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google date: Thu, 22 Sep 2022 22:11:27 GMT age: 81302 etag: "d47db5fcd83023b4a8de40a47d4510e183de387a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8497 Md5: 7606ff88f05062b66970d9805f38987a Sha1: d47db5fcd83023b4a8de40a47d4510e183de387a Sha256: 20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10127 x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y4Y0sHmCoAMFVSg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0 x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw== via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google date: Thu, 22 Sep 2022 22:07:28 GMT age: 81541 etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10127 Md5: b877ead4a15221fdd278ef27f281a7ec Sha1: 48c10714503e8dfdd3e3c3d39b919ef2792f0d15 Sha256: f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56968ed0-3207-4af0-8229-5f3698c6c55f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 55ec802097ab49f275686e99844ff4a3b554c8998213bb9c3f0380709297c55b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5936 x-amzn-requestid: 39e79389-c158-4427-aae0-b1d0dc1d0377 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y4VowElZoAMF2Ow= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632ccfd1-2da28eb66f876af76158b090;Sampled=0 x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:49 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: -DSp0__jaBzizsfagTtIpwhkPqkvjS1L6T17J0OS5W0QhZww03ywpw== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google date: Thu, 22 Sep 2022 22:11:29 GMT age: 81300 etag: "370d166426ad83fc04ccb6e300238d8cb6ab644a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5936 Md5: 61059307f07edc4e2ba9d07a258bca43 Sha1: 370d166426ad83fc04ccb6e300238d8cb6ab644a Sha256: 55ec802097ab49f275686e99844ff4a3b554c8998213bb9c3f0380709297c55b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5340 x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y4Y19HljIAMFY8w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0 x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google date: Thu, 22 Sep 2022 22:11:26 GMT age: 81303 etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5340 Md5: 3b318ea5c36d2b22b925f7dfe382df5f Sha1: 0264e73c4cfff0bb255757c7e1c760a5ad3ece80 Sha256: 0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8029 x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y4Y0tHjGoAMFcFw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0 x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google date: Thu, 22 Sep 2022 21:48:22 GMT age: 82687 etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8029 Md5: 02a682b4703bb9d6381c762726c05531 Sha1: 1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54 Sha256: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 14579 x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YcCj6FYCoAMF9Yw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0 x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google date: Thu, 22 Sep 2022 22:11:48 GMT age: 81281 etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 14579 Md5: f10a12719b387d176497669ba75f0acc Sha1: 16e42ba7b20555bf5a8615e5f4bb561204aeeb5a Sha256: 0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
GET /json/ef6c41a0-9d3c-11eb-8f3b-e1f5536499e7 HTTP/1.1 Host: geolocation-db.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://rbfcu2.web.app Connection: keep-alive Referer: https://rbfcu2.web.app/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: geolocation-db.com/json/ef6c41a0-9d3c-11eb-8f3b-e1f5536499e7 FQDN: geolocation-db.com IP: 159.89.102.253 159.89.102.253 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx/1.14.0 (Ubuntu) date: Fri, 23 Sep 2022 20:46:27 GMT access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80" 

                                        
                                            
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=12922 

                                        
                                            
Expires: Sat, 24 Sep 2022 00:21:49 GMT 

                                        
                                            
Date: Fri, 23 Sep 2022 20:46:27 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    09a973de929ab7452edc342c780d3668

                                                Sha1:   3f14f6e0a36f76863c0aea6fb561c266404a7ea3

                                                Sha256: e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         108.156.28.102

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
content-length: 5348 

                                        
                                            
last-modified: Sat, 10 Sep 2022 18:47:45 GMT 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Fri, 23 Sep 2022 04:13:03 GMT 

                                        
                                            
etag: "6113f8408c59aebe188d6af273b90743" 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 cdd8daeefcf66738f6e908663e79c33e.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: LHR50-P1 

                                        
                                            
x-amz-cf-id: iHgcpob2HVZgmFonJu51fzS2E0S_PB53kweOwFUji_t4UyWWKXi1YQ== 

                                        
                                            
age: 59605 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    6113f8408c59aebe188d6af273b90743

                                                Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b

                                                Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Fri, 23 Sep 2022 20:46:27 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         18.165.201.83

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 329 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Date: Fri, 23 Sep 2022 20:33:06 GMT 

                                        
                                            
Cache-Control: max-age=3600, max-age=3600 

                                        
                                            
Expires: Fri, 23 Sep 2022 21:30:01 GMT 

                                        
                                            
ETag: "1648230346554" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 182a59e089d675b68d266c3e1c14253c.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: LHR50-P3 

                                        
                                            
X-Amz-Cf-Id: 5ZSGp4ZVjOVaygDlO35GHN7hOUOjvGFVZOlgaVgWb-9Usav9ON7guA== 

                                        
                                            
Age: 807 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         216.137.34.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Fri, 23 Sep 2022 20:46:27 GMT 

                                        
                                            
Last-Modified: Fri, 23 Sep 2022 19:42:27 GMT 

                                        
                                            
Server: ECS (nyb/1D12) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 c79c2a81ac4d9188a11e797e452b6892.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: LHR61-P2 

                                        
                                            
X-Amz-Cf-Id: KYMKE8muYKHVvLkIOWW8ZFsJOcSGVgsZL-DhMb7b9GcKy3n3qD1EVw== 

                                        
                                            
Age: 3840 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    bbde55290285cf77bb46f5e40a3a6bed

                                                Sha1:   54a2751585e67d0033630474edd2fa79457c5acc

                                                Sha256: ca2e1d30d2b83c401d71f8187e64a010de38003fb96fa2c737dbc54a9a8137fa

                                        
                                            OPTIONS /count HTTP/1.1 

                                        
                                            
Host: mike555.herokuapp.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Access-Control-Request-Method: POST 

                                        
                                            
Access-Control-Request-Headers: content-type 

                                        
                                            
Referer: https://rbfcu2.web.app/ 

                                        
                                            
Origin: https://rbfcu2.web.app 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         54.224.34.30

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=utf-8

                                        

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: gunicorn 

                                        
                                            
Date: Fri, 23 Sep 2022 20:46:27 GMT 

                                        
                                            
Allow: GET, POST, OPTIONS, HEAD 

                                        
                                            
Access-Control-Allow-Origin: https://rbfcu2.web.app 

                                        
                                            
Access-Control-Allow-Headers: content-type 

                                        
                                            
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT 

                                        
                                            
Vary: Origin 

                                        
                                            
Content-Length: 0 

                                        
                                            
Via: 1.1 vegur 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: qOu25biUFTLzdPacNFS7zg== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         52.42.74.230

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: htKY7YYNTROfyfzXdXFxIl6q1mo= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" 

                                        
                                            
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=9437 

                                        
                                            
Expires: Fri, 23 Sep 2022 23:23:46 GMT 

                                        
                                            
Date: Fri, 23 Sep 2022 20:46:29 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    7038cca95198779d8bb479045eb56652

                                                Sha1:   e9dcf9451e849f4d55b0909b33a51bd0b1a35296

                                                Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" 

                                        
                                            
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=9437 

                                        
                                            
Expires: Fri, 23 Sep 2022 23:23:46 GMT 

                                        
                                            
Date: Fri, 23 Sep 2022 20:46:29 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    7038cca95198779d8bb479045eb56652

                                                Sha1:   e9dcf9451e849f4d55b0909b33a51bd0b1a35296

                                                Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10127 

                                        
                                            
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: Y4Y0sHmCoAMFVSg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw== 

                                        
                                            
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 22 Sep 2022 22:07:28 GMT 

                                        
                                            
age: 81541 

                                        
                                            
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10127

                                                Md5:    b877ead4a15221fdd278ef27f281a7ec

                                                Sha1:   48c10714503e8dfdd3e3c3d39b919ef2792f0d15

                                                Sha256: f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 5340 

                                        
                                            
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: Y4Y19HljIAMFY8w= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ== 

                                        
                                            
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 22 Sep 2022 22:11:26 GMT 

                                        
                                            
age: 81303 

                                        
                                            
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   5340

                                                Md5:    3b318ea5c36d2b22b925f7dfe382df5f

                                                Sha1:   0264e73c4cfff0bb255757c7e1c760a5ad3ece80

                                                Sha256: 0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 14579 

                                        
                                            
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: YcCj6FYCoAMF9Yw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA== 

                                        
                                            
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 22 Sep 2022 22:11:48 GMT 

                                        
                                            
age: 81281 

                                        
                                            
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   14579

                                                Md5:    f10a12719b387d176497669ba75f0acc

                                                Sha1:   16e42ba7b20555bf5a8615e5f4bb561204aeeb5a

                                                Sha256: 0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f

URL	rbfcu2.web.app/
IP	199.36.158.100 (United States)
ASN	#54113 FASTLY
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-09-23 20:46:37 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	4
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (12)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.36.158.100

Last 5 reports on ASN: FASTLY

Last 2 reports on domain: rbfcu2.web.app

Last 2 reports with similar screenshot

JavaScript

Executed Scripts (1)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (26)

Overview

Domain Summary (12)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.36.158.100

Last 5 reports on ASN: FASTLY

Last 2 reports on domain: rbfcu2.web.app

Last 2 reports with similar screenshot

JavaScript

Executed Scripts (1)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (26)

Network Intrusion Detection Systems