104.248.198.151/f/xs.x86
200 10 kB IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43281)
Hash 4e37d731be022cdc3e4fb3d8867d6f67
7e3f1d2cf64037ba0da3bf8f5b94eeb72cad2185
f0505ee0689ebda4bdf559b48804d22c6c8ce0869d79a6366cee8674fb7f886b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
NIDS Severity Alert suricata medium ET INFO x86 File Download Request from IP Address
suricata medium ET HUNTING Suspicious GET Request for .x86
GET /f/xs.x86 HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:17 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Vary: Accept-Encoding
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5949
Expires: Fri, 31 Mar 2023 10:25:27 GMT
Date: Fri, 31 Mar 2023 08:46:18 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7961
Expires: Fri, 31 Mar 2023 10:58:59 GMT
Date: Fri, 31 Mar 2023 08:46:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 08:16:10 GMT
content-type: application/json
age: 1808
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6323
Expires: Fri, 31 Mar 2023 10:31:41 GMT
Date: Fri, 31 Mar 2023 08:46:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mQnQ0dUqvRBubZJXu2JwKNgffEkDT1nXWTOYqEKK+dG7Hlxa/g9Jkx+pox/rEtxah9edbHuuuAA=
x-amz-request-id: 6V0B1MMCF1BEEV01
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 08:03:16 GMT
age: 2582
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 08:46:18 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
104.248.198.151/js/vendors-main.m.d184ed05.chunk.js
200 6.0 kB URL HTTP/1.1 104.248.198.151/js/vendors-main.m.d184ed05.chunk.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (19748)
Hash 353aa07ab75f8003f39ab11bbd1b7c9e
af3badcf2125977484f816dcd70b40e6cebf528f
ecc6d6e389eb715ba973d112bf919537d4b4acc547e2a4cc900806a05b76cf81
Analyzer Verdict Alert quad9 Sinkholed
GET /js/vendors-main.m.d184ed05.chunk.js HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://104.248.198.151/f/xs.x86
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=31536000
Accept-Ranges: bytes
ETag: W/"19806-1605082808000"
Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
104.248.198.151/js/main.m.6f69b5a0.js
200 11 kB URL HTTP/1.1 104.248.198.151/js/main.m.6f69b5a0.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (28285)
Hash 127d7be464cb45c11e3f1ac00129052f
08368e4a3e49e5d3c19579984d78e18a4070d8b1
3f4fb9162f5c7a96f6718cf1141cfc500c825abdd81df546646168abe6056c3a
Analyzer Verdict Alert quad9 Sinkholed
GET /js/main.m.6f69b5a0.js HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://104.248.198.151/f/xs.x86
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=31536000
Accept-Ranges: bytes
ETag: W/"28329-1605082808000"
Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
104.248.198.151/apple-touch-icon-180x180.png
200 6.1 kB URL HTTP/1.1 104.248.198.151/apple-touch-icon-180x180.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 47204bd1431a1a73ef2525bfa5509fdc
8f98e730f717699b376ed5ceb6843eb77d2b0167
040bb39fa16f1bc88f01a26d1a471de74027b2d7a00035bf638b2dbf7755974d
Analyzer Verdict Alert quad9 Sinkholed
GET /apple-touch-icon-180x180.png HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://104.248.198.151/f/xs.x86
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: image/png
Content-Length: 6087
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
ETag: W/"6087-1605082808000"
Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT
104.248.198.151/favicon.ico
200 5.4 kB URL HTTP/1.1 104.248.198.151/favicon.ico
IP
ASN #14061 DIGITALOCEAN-ASN
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b4e4785d5852c563b9ae47cbb7af06fe
b9a7a5180304bf8af55cce900012010239c1dd80
0cb0b90207b376931f9a8fa5d518f6b1ea2ecf6b0d67d634ae01a38ecb8ad8b5
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://104.248.198.151/f/xs.x86
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: image/x-icon
Content-Length: 5430
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
ETag: W/"5430-1605082808000"
Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT
104.248.198.151/js/17.m.7c19ad00.chunk.js
200 13 kB URL HTTP/1.1 104.248.198.151/js/17.m.7c19ad00.chunk.js
IP
ASN #14061 DIGITALOCEAN-ASN
Hash 0a8752041abf0421db227b2ff66585c9
7fccfb611898287650d07a849c0e492f33ff0573
87d8f241343fe0bddf3613ea48578639ce77298943c4c6b8e64e157448143e07
Analyzer Verdict Alert quad9 Sinkholed
GET /js/17.m.7c19ad00.chunk.js HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://104.248.198.151/f/xs.x86
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=31536000
Accept-Ranges: bytes
ETag: W/"47505-1605082808000"
Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
104.248.198.151/js/9.m.437592dd.chunk.js
200 18 kB URL HTTP/1.1 104.248.198.151/js/9.m.437592dd.chunk.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (34594)
Hash 21fb7b1a51bb02234d9a75f6e5af6387
a211e40fbb790f4fa0de87400a3cad7d1006130e
1d7874d0257bd116e1418c1941928e601c3637aecb50bc9a41bdb733cbbb1f0a
Analyzer Verdict Alert quad9 Sinkholed
GET /js/9.m.437592dd.chunk.js HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://104.248.198.151/f/xs.x86
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=31536000
Accept-Ranges: bytes
ETag: W/"59416-1605082808000"
Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
104.248.198.151/api/users/current
401 0 B URL HTTP/1.1 104.248.198.151/api/users/current
IP
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /api/users/current HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://104.248.198.151/f/xs.x86
Connection: keep-alive
HTTP/1.1 401
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Length: 0
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
104.248.198.151/api/navigation/global
401 0 B URL HTTP/1.1 104.248.198.151/api/navigation/global
IP
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /api/navigation/global HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://104.248.198.151/f/xs.x86
Connection: keep-alive
HTTP/1.1 401
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Length: 0
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
104.248.198.151/js/app.m.3ee455d5.chunk.js
200 47 kB URL HTTP/1.1 104.248.198.151/js/app.m.3ee455d5.chunk.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65536), with no line terminators
Hash de37f25ca046a0e68790c7e74999dcbe
252de6699ba49ea6db56058440a1c5637833cf55
d3a4754f99af4b468997f258f10586d11be1df4fd27cbd88ac7bbc64925e426f
Analyzer Verdict Alert quad9 Sinkholed
GET /js/app.m.3ee455d5.chunk.js HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://104.248.198.151/f/xs.x86
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=31536000
Accept-Ranges: bytes
ETag: W/"188922-1605082808000"
Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
104.248.198.151/api/l10n/index?locale=en-US
200 50 kB URL HTTP/1.1 104.248.198.151/api/l10n/index?locale=en-US
IP
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 10cc882196fccab20bad7f9be46dc34e
5a6bea5d58ac24b3385705948ad77bb3455dbea1
d1d0df6643eed17029b598c14fc3799cfbf22228cdfd30a5de0027e59e5990cf
Analyzer Verdict Alert quad9 Sinkholed
GET /api/l10n/index?locale=en-US HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://104.248.198.151/f/xs.x86
Connection: keep-alive
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, must-revalidate
Sonar-Version: 7.9.5.38598
Content-Encoding: gzip
Vary: Accept-Encoding
104.248.198.151/js/vendors-app.m.b88ebad0.chunk.js
200 54 kB URL HTTP/1.1 104.248.198.151/js/vendors-app.m.b88ebad0.chunk.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (64942)
Hash 99aefef73eaad012bf380f6474008336
c9002a1094783bbb25bee661f8a35f2caa711e3d
dabed327494fd3a55119b4fbc35599364f14aaccf1f40d09cd9a23205ca40673
Analyzer Verdict Alert quad9 Sinkholed
GET /js/vendors-app.m.b88ebad0.chunk.js HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://104.248.198.151/f/xs.x86
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=31536000
Accept-Ranges: bytes
ETag: W/"165141-1605082808000"
Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.x86
200 10 kB URL HTTP/1.1 104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.x86
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43281)
Hash 4e37d731be022cdc3e4fb3d8867d6f67
7e3f1d2cf64037ba0da3bf8f5b94eeb72cad2185
f0505ee0689ebda4bdf559b48804d22c6c8ce0869d79a6366cee8674fb7f886b
Analyzer Verdict Alert quad9 Sinkholed
NIDS Severity Alert suricata medium ET INFO x86 File Download Request from IP Address
GET /sessions/new?return_to=%2Ff%2Fxs.x86 HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://104.248.198.151/f/xs.x86
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Vary: Accept-Encoding
104.248.198.151/js/314.m.fefd882d.chunk.js
200 3.9 kB URL HTTP/1.1 104.248.198.151/js/314.m.fefd882d.chunk.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (6502)
Hash 2187f077750be754e621075e5154a581
31fc4f642d05bba7ab5338da7e4d51ee7fa057d9
2c7534d70b3751b276f409f43c15f1ce7f058788324ebcfd451742f0eb4875d1
Analyzer Verdict Alert quad9 Sinkholed
GET /js/314.m.fefd882d.chunk.js HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://104.248.198.151/f/xs.x86
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=31536000
Accept-Ranges: bytes
ETag: W/"9829-1605082808000"
Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
104.248.198.151/api/navigation/global
401 0 B URL HTTP/1.1 104.248.198.151/api/navigation/global
IP
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /api/navigation/global HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.x86
Connection: keep-alive
HTTP/1.1 401
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Length: 0
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
104.248.198.151/api/l10n/index?locale=en-US
200 50 kB URL HTTP/1.1 104.248.198.151/api/l10n/index?locale=en-US
IP
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 10cc882196fccab20bad7f9be46dc34e
5a6bea5d58ac24b3385705948ad77bb3455dbea1
d1d0df6643eed17029b598c14fc3799cfbf22228cdfd30a5de0027e59e5990cf
Analyzer Verdict Alert quad9 Sinkholed
GET /api/l10n/index?locale=en-US HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.x86
Connection: keep-alive
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, must-revalidate
Sonar-Version: 7.9.5.38598
Content-Encoding: gzip
Vary: Accept-Encoding
104.248.198.151/js/vendors-app.m.b88ebad0.chunk.js
200 54 kB URL HTTP/1.1 104.248.198.151/js/vendors-app.m.b88ebad0.chunk.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (64942)
Hash 99aefef73eaad012bf380f6474008336
c9002a1094783bbb25bee661f8a35f2caa711e3d
dabed327494fd3a55119b4fbc35599364f14aaccf1f40d09cd9a23205ca40673
Analyzer Verdict Alert quad9 Sinkholed
GET /js/vendors-app.m.b88ebad0.chunk.js HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.x86
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=31536000
Accept-Ranges: bytes
ETag: W/"165141-1605082808000"
Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ab61862f016dea85f8aa55e59369d905
a5e81f13052b9e9184caf05a9740c345a40d1f22
e0d580c313088d524a5338e63e4acf9f3f3cb45a54f2528c5d1c4915d71b255b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0D580C313088D524A5338E63E4ACF9F3F3CB45A54F2528C5D1C4915D71B255B"
Last-Modified: Thu, 30 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11190
Expires: Fri, 31 Mar 2023 11:52:48 GMT
Date: Fri, 31 Mar 2023 08:46:18 GMT
Connection: keep-alive
104.248.198.151/js/369.m.d59054c6.chunk.js
200 561 B URL HTTP/1.1 104.248.198.151/js/369.m.d59054c6.chunk.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (512)
Hash 7fac243e44988db163177060e7411591
7108d1c2bdaa91383903e1e79d23e12a2df57857
93fc935ddce94381d7b08c22f956b69b367539c7f9ec5cf7ef4b8318c829116f
Analyzer Verdict Alert quad9 Sinkholed
GET /js/369.m.d59054c6.chunk.js HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.x86
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: application/javascript
Content-Length: 561
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=31536000
Accept-Ranges: bytes
ETag: W/"561-1605082808000"
Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Backoff, Last-Modified, Alert, Content-Length, Pragma, Cache-Control, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 08:17:26 GMT
age: 1732
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
104.248.198.151/js/0.m.5f1f98f2.chunk.js
200 6.0 kB URL HTTP/1.1 104.248.198.151/js/0.m.5f1f98f2.chunk.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (17170)
Hash 487a99c96e1d753bb9b22669b9b0cbff
f063ce08faaad0703234091e1567040ea4c166e9
ec7d1a65c6bcc0658deebc73f945dc48e617a7effcb47f44afc44e7b421a8ebb
Analyzer Verdict Alert quad9 Sinkholed
GET /js/0.m.5f1f98f2.chunk.js HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.x86
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=31536000
Accept-Ranges: bytes
ETag: W/"18895-1605082808000"
Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
104.248.198.151/js/304.m.64d672ef.chunk.js
200 3.1 kB URL HTTP/1.1 104.248.198.151/js/304.m.64d672ef.chunk.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (10155)
Hash a1b1015267fe5b248707e3536fe83202
47b112b1b93807719f1ff1a7e2f1727ee4a3c534
3f721d6b76ebcd57589684aceca8d9996f3ee302a471d8755f293b64c02c8fc8
Analyzer Verdict Alert quad9 Sinkholed
GET /js/304.m.64d672ef.chunk.js HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.x86
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=31536000
Accept-Ranges: bytes
ETag: W/"10204-1605082808000"
Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
104.248.198.151/js/21.m.1264acfc.chunk.js
200 1.1 kB URL HTTP/1.1 104.248.198.151/js/21.m.1264acfc.chunk.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2205)
Hash b8a74baf9f0938feed452e83535cf9d5
f067b3715c06d671ffddc15f86dadde1124c83d0
e99b758f54c1b8b0d161b098dd1aac940a33c53ac559e2fce3f9a1e759bfa4a2
Analyzer Verdict Alert quad9 Sinkholed
GET /js/21.m.1264acfc.chunk.js HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.x86
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=31536000
Accept-Ranges: bytes
ETag: W/"2253-1605082808000"
Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
104.248.198.151/api/users/identity_providers
200 24 B URL HTTP/1.1 104.248.198.151/api/users/identity_providers
IP
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash f6771007e68c1504df1f503964c8f6d5
a021d30aa08ed4bbc01c28eb2414b6aae7b7df81
757bb747ba269253666a63bb8bf42b5711e8c5af8f7e03b17b1a1888e3e74e91
Analyzer Verdict Alert quad9 Sinkholed
GET /api/users/identity_providers HTTP/1.1
Host: 104.248.198.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.x86
Connection: keep-alive
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 08:46:19 GMT
Content-Type: application/json
Content-Length: 24
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, must-revalidate
Sonar-Version: 7.9.5.38598
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6212
Expires: Fri, 31 Mar 2023 10:29:52 GMT
Date: Fri, 31 Mar 2023 08:46:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6212
Expires: Fri, 31 Mar 2023 10:29:52 GMT
Date: Fri, 31 Mar 2023 08:46:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5ac5665-fe23-4026-a00b-567f98678f9e.webp
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5ac5665-fe23-4026-a00b-567f98678f9e.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e55c2ccec92fa37b631f5616ba5e1b77
c3f1113bad672968f22e63693ef4481f7f5616fe
10bfe1a2cf0b6e0a2a548935a1afc061fc61990a121a84580f3969df68b7974c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5ac5665-fe23-4026-a00b-567f98678f9e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10706
x-amzn-requestid: 2e382033-306f-40ed-b259-76790e5e3ac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUlmGujoAMFamQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-3856db4579fce52a18219166;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: cYDbU2yRL1y7tFVehv7XBDdywykpvl7kVurr1JvsGPTlYkmsOBwczg==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:04:58 GMT
age: 38482
etag: "c3f1113bad672968f22e63693ef4481f7f5616fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 876e5464aba1639f3b07b07d1d694514
93885a6205be71d16187782b1803f53d5c8538cb
6e2b6b15f462922a9e8260f55cfcd94d488d1a48435458db43270ea3b825d8c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13775
x-amzn-requestid: 43d1a1f3-b189-4fcd-a298-429123d1921b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUloF9woAMFU4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-13778451622503253ea252eb;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: bXA995GxGti4_AzSi9F19ZNvUwm5_ZSBw0BB0lRIfNHcmX7Ajt6bSg==
via: 1.1 8731d2a1a7d15f67b588bf58f652f9f0.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:52:34 GMT
age: 39226
etag: "93885a6205be71d16187782b1803f53d5c8538cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 211d737362f7cbcd8c77cee7d29fa2f5
668d1d80c88082928c6ca01fbf1ccbfcd079f64f
05672d4ab964a706c41d73b51592ca2425983e77544f08198dd2d3a7dcc5b3a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11114
x-amzn-requestid: e9e6a6b5-e6e8-4ca4-9302-a1fc023a38af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkypoH5goAMF6Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424fe3d-63c6c8465407f5dc26e9aced;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 03:13:01 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: HsI--rdD7nPKwY0W7f_eIm1y-oz6BbWkLea2jX-JmxY6_I8ncpD-cg==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 14:31:29 GMT
age: 65691
etag: "668d1d80c88082928c6ca01fbf1ccbfcd079f64f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1688ae550e5e9181de2448a9cade8a26
a46eb0cd75f46778dc802b648f7c391ce801c700
e717e6e64c928571506bc6d19e3d9ce19bea3292f01618a6d9ddbbaffe65ffd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9055
x-amzn-requestid: 1fad6d1e-3380-4574-9796-ca6bde35b507
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUneEK8IAMF1EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260162-690f6e9933616e9b74b70435;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 5qljjE3ByqQaRJhcpkBZFcYVH4lCoP2idQM0iPBAT7znLfoZmO0lUg==
via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:46:29 GMT
age: 39591
etag: "a46eb0cd75f46778dc802b648f7c391ce801c700"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: L6tgzFrj9t69Rnfd9bziAPiROAX0tvcj9Kcg8sXkto8qRFeKqiwkpg==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:17:06 GMT
age: 37754
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: LAAUFZcFBIpdMUkaDQXGW1sdwLK9c_uhQQHLiJHGF7dEvfJ0KX7MaA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 06:44:37 GMT
age: 7303
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7qdUph9fISszbH1shkqOeA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gxGQgGYvaaVjVyJzAn97oS8RSUY=
Date: Fri, 31 Mar 2023 08:46:23 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
104.248.198.151
34.117.65.55
23.36.77.32