Overview

URLinstagramteam.rf.gd/
IP 185.27.134.33 (United Kingdom)
ASN#34119 Wildcard UK Limited
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-10-23 15:52:39 UTC
StatusLoading report..
IDS alerts0
Blocklist alert12
urlquery alerts No alerts detected
Tags None

Domain Summary (10)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
zerossl.ocsp.sectigo.com (1) 4049 2020-05-09 19:05:29 UTC 2022-10-23 05:11:33 UTC 104.18.32.68
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-23 05:08:18 UTC 34.160.144.191
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-23 11:27:17 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-23 04:44:25 UTC 34.210.158.59
errors.infinityfree.net (1) 0 2022-05-27 01:14:37 UTC 2022-10-23 14:05:09 UTC 104.26.8.174 Domain (infinityfree.net) ranked at: 146781
firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-23 08:11:29 UTC 143.204.55.27
r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-10-23 04:46:55 UTC 23.36.76.226
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-23 04:44:14 UTC 34.120.237.76
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-23 04:44:24 UTC 34.117.237.239
instagramteam.rf.gd (8) 0 2022-10-22 19:51:54 UTC 2022-10-22 19:51:54 UTC 185.27.134.33 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-10-23 2 instagramteam.rf.gd/ Instagram
2022-10-23 2 instagramteam.rf.gd/ Instagram
2022-10-23 2 instagramteam.rf.gd/ Instagram
2022-10-23 2 instagramteam.rf.gd/ Instagram
2022-10-23 2 instagramteam.rf.gd/ Instagram
2022-10-23 2 instagramteam.rf.gd/ Instagram
2022-10-23 2 instagramteam.rf.gd/ Instagram

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-23 2 instagramteam.rf.gd/aes.js Phishing
2022-10-23 2 instagramteam.rf.gd/image/app.webp Phishing
2022-10-23 2 instagramteam.rf.gd/image/play.webp Phishing
2022-10-23 2 instagramteam.rf.gd/fav.webp Phishing
2022-10-23 2 instagramteam.rf.gd/ Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 185.27.134.33
Date UQ / IDS / BL URL IP
2023-01-22 04:39:26 +0000 0 - 0 - 1 reativemind.42web.io/facebook.php?i=3 185.27.134.33
2023-01-07 15:30:07 +0000 0 - 0 - 6 b1host.byethost32.com/ 185.27.134.33
2022-12-29 05:11:47 +0000 0 - 0 - 2 helpcentersareasuppart.rf.gd/ 185.27.134.33
2022-12-22 12:16:24 +0000 0 - 8 - 0 www.spipixel.ml/Login/login.php?i=1 185.27.134.33
2022-12-15 13:37:59 +0000 0 - 0 - 6 metamask-org.rf.gd/ 185.27.134.33


Last 5 reports on ASN: Wildcard UK Limited
Date UQ / IDS / BL URL IP
2023-02-02 16:41:26 +0000 1 - 2 - 5 marketplace-online-facebook-id508221.epizy.co (...) 185.27.134.170
2023-02-02 16:41:02 +0000 0 - 0 - 1 facebookin.rf.gd/facebook/?i=1 185.27.134.225
2023-02-02 16:40:52 +0000 0 - 0 - 1 marketplace-online-facebook-id508221.epizy.co (...) 185.27.134.170
2023-02-02 16:24:08 +0000 0 - 8 - 3 bnpparibas.rf.gd/fr/* 185.27.134.222
2023-02-02 16:21:12 +0000 0 - 0 - 1 sfghjk.byethost31.com/?i=3 185.27.134.140


No other reports on domain: .


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-09-05 22:12:44 +0000 0 - 0 - 10 telifhaklarikanunu.com/ 195.201.179.80
2022-09-05 21:19:37 +0000 0 - 0 - 10 telifhaklarikanunu.com/ 195.201.179.80
2022-09-05 18:32:56 +0000 0 - 0 - 10 telifhaklarikanunu.com/ 195.201.179.80
2022-09-22 18:38:09 +0000 0 - 0 - 3 www.igsupport.icu.yapariz.net/ 2.59.119.2
2023-01-02 06:21:09 +0000 0 - 1 - 14 helplivecenter.cf/ 185.81.154.121

JavaScript

Executed Scripts (2)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (28)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 23 Oct 2022 14:52:52 GMT
Expires: Sun, 23 Oct 2022 15:39:36 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GkeaoNZcAGtGMEL2Mk9kscljj4dAvjreD26dftbZjZc0Fvd71zvY8Q==
Age: 3575


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    bdb8b66c705a7b996496d780f50c00b5
Sha1:   403ae92039fcc933870f51f913f78ccaf9652256
Sha256: c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8751
Expires: Sun, 23 Oct 2022 18:18:18 GMT
Date: Sun, 23 Oct 2022 15:52:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8828
Expires: Sun, 23 Oct 2022 18:19:35 GMT
Date: Sun, 23 Oct 2022 15:52:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 15:52:27 GMT
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 19:50:41 GMT
Expires: Sat, 29 Oct 2022 19:50:40 GMT
Etag: "a10b94afb26549fc74c7a1dd2c868a0bee502dd5"
Cache-Control: max-age=532092,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75eba3d6bf63b4f7-OSL

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: Tj3aJf0r/DDAJoGFaaOwYQXHkq4MHxZ52kYILKCWNYalDaZUKnlX0iVgHu5+/eGUXdnfrTe4m+M=
x-amz-request-id: VGPMYE2RZGR8PK5N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 23 Oct 2022 15:38:02 GMT
age: 866
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 23 Oct 2022 15:52:28 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /aes.js HTTP/1.1 
Host: instagramteam.rf.gd
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instagramteam.rf.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.27.134.33
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 23 Oct 2022 15:52:27 GMT
content-length: 31206
last-modified: Sat, 08 Aug 2015 08:10:59 GMT
etag: "55c5b993-79e6"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   31206
Md5:    78a66859739b0c9e18bc5b4538c03bf9
Sha1:   77aa2fbbc258645904620937b387d3deedbd16ea
Sha256: d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc

Alerts:
  Blocklists:
    - openphish: Instagram
    - fortinet: Phishing
                                        
                                            GET /image/giris.gif HTTP/1.1 
Host: instagramteam.rf.gd
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instagramteam.rf.gd/?i=1
Cookie: __test=7da11f1c3aec6fedc537eb0a7f6e670d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.27.134.33
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 23 Oct 2022 15:52:27 GMT
content-length: 1104215
last-modified: Sat, 22 Oct 2022 19:31:27 GMT
accept-ranges: bytes
cache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
expires: Tue, 22 Nov 2022 15:52:27 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 800 x 800\012- data
Size:   1104215
Md5:    69b12065bc9682843999aeed832d2654
Sha1:   c6941527609946ff8aac90644b44b92780a0d623
Sha256: eb0bf642ff03beaed1514c6f1916dbb2197ce2aad39f7b5ac7799fc9fb7dbc32

Alerts:
  Blocklists:
    - openphish: Instagram
                                        
                                            GET /image/app.webp HTTP/1.1 
Host: instagramteam.rf.gd
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instagramteam.rf.gd/?i=1
Cookie: __test=7da11f1c3aec6fedc537eb0a7f6e670d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.27.134.33
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Sun, 23 Oct 2022 15:52:27 GMT
content-length: 3234
last-modified: Sat, 22 Oct 2022 19:31:07 GMT
accept-ranges: bytes
cache-control: max-age=0
expires: Sun, 23 Oct 2022 15:52:27 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3234
Md5:    0bb75499e1c9da86024ff6a53790a39b
Sha1:   38a7b5f49f4a372faf0956ffa55f4b3151e221f0
Sha256: cbb0e1777f22838a5146a1ad7d5e9e4e8a80dd92918f9d90cc88679838ecfc3f

Alerts:
  Blocklists:
    - openphish: Instagram
    - fortinet: Phishing
                                        
                                            GET /image/play.webp HTTP/1.1 
Host: instagramteam.rf.gd
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instagramteam.rf.gd/?i=1
Cookie: __test=7da11f1c3aec6fedc537eb0a7f6e670d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.27.134.33
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Sun, 23 Oct 2022 15:52:27 GMT
content-length: 6178
last-modified: Sat, 22 Oct 2022 19:31:28 GMT
accept-ranges: bytes
cache-control: max-age=0
expires: Sun, 23 Oct 2022 15:52:27 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   6178
Md5:    6b3287b98c471d27ad8a71cab7715b1d
Sha1:   2705bf8e90dd0c183b6a2bd0f35874a2bb4c1aff
Sha256: b5dc86f28310f05bb645588d5f79eb08389cd52b3312f96c6ed9b34ada84ac9a

Alerts:
  Blocklists:
    - openphish: Instagram
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 23 Oct 2022 15:43:40 GMT
Cache-Control: max-age=3600
Expires: Sun, 23 Oct 2022 16:40:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZBKPleIRjMyqCvMP0t4RZS4rZt64Lk_2fsKVBP_BbYUwTprccydmpQ==
Age: 528


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /fav.webp HTTP/1.1 
Host: instagramteam.rf.gd
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instagramteam.rf.gd/?i=1
Cookie: __test=7da11f1c3aec6fedc537eb0a7f6e670d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.27.134.33
HTTP/2 302 Found
content-type: text/html; charset=iso-8859-1
                                        
server: nginx
date: Sun, 23 Oct 2022 15:52:27 GMT
content-length: 227
location: https://errors.infinityfree.net/errors/404/
cache-control: max-age=0
expires: Sun, 23 Oct 2022 15:52:27 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   227
Md5:    062083477478aac3073dc04e65b37ca7
Sha1:   23384c8e312715b238ad2996f9bd2b020e3d55b7
Sha256: 924f0f4dea114255f599c39bfe3ed86330193e32d9f43563c6159c10f465193b

Alerts:
  Blocklists:
    - openphish: Instagram
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6495
Cache-Control: max-age=151350
Date: Sun, 23 Oct 2022 15:52:28 GMT
Etag: "6354f613-1d7"
Expires: Tue, 25 Oct 2022 09:54:58 GMT
Last-Modified: Sun, 23 Oct 2022 08:06:43 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nVVhzJ8sydO5My46OtxWiQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.210.158.59
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vN5DbOS3/o0rdBVsFLf94dBAD3w=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14550
Expires: Sun, 23 Oct 2022 19:55:00 GMT
Date: Sun, 23 Oct 2022 15:52:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14550
Expires: Sun, 23 Oct 2022 19:55:00 GMT
Date: Sun, 23 Oct 2022 15:52:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14550
Expires: Sun, 23 Oct 2022 19:55:00 GMT
Date: Sun, 23 Oct 2022 15:52:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14550
Expires: Sun, 23 Oct 2022 19:55:00 GMT
Date: Sun, 23 Oct 2022 15:52:30 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf1513b5-a33f-4b0d-b92b-c82ad8141527.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8631
x-amzn-requestid: 536a4908-2fd7-4544-9159-ec2acc55a2bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abRJZH2zoAMFYvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6354623b-4d76adc023701d0228f951d1;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:35:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AvTOiWu0BF1Bxb5m_FlJhMqpgoNbJjUfTnZhZePfjqRCL5XVJEglpg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:43:36 GMT
age: 65334
etag: "8b0c5f567e25d9bf54263bb3c60b12db225feb81"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8631
Md5:    5cf985ceb648df52d3cf5eb47c7705bc
Sha1:   8b0c5f567e25d9bf54263bb3c60b12db225feb81
Sha256: 9c8551a2d891562e12b9a30966dbd9221a041669db0cbb4395d6fa56791ef0dc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd337e0f9-4135-4fa1-9843-c609356020a9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10036
x-amzn-requestid: b1f0e0b9-6fc6-4b7c-a9b0-55845cdfd2d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abR9aEvjIAMF22Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63546388-72742b3a1279d76e2e842930;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:41:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e-Q7z6QYQB1CGZ57JUJIf6l7Ofu9nGkF-ONfTrXJb6MMegchNYMqWQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:50:36 GMT
etag: "066fb94a6ae38e57d67001cc319eea17f837d511"
age: 64914
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10036
Md5:    bcadefe69587d4ab5bf5ff9e71eb5cab
Sha1:   066fb94a6ae38e57d67001cc319eea17f837d511
Sha256: 45b175a2cecee90b2d0efc16c4139686ffcf34bfac9084fe9e5e1c926dc1330c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12031
x-amzn-requestid: 38ca5b87-35e4-46d5-aa1a-15433660ab86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aZGifEXzIAMFdHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63538476-6c2e5d980616d50c0ef8698a;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 05:49:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpE5uiagdaNLvVqbkou7bVNaLYPZ9vhYawucSE36lWIp65bga3gN2w==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 08:04:17 GMT
age: 28093
etag: "50d9f1642c3c47504fb2d4086a40ae8fb9479b50"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12031
Md5:    208445a6f07a7259b8a420c062a81998
Sha1:   50d9f1642c3c47504fb2d4086a40ae8fb9479b50
Sha256: 607a81c5d0210faaa103d09fba1e0b9dde333c5142969272b0b5351a779acfa4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c95e4a-b411-4326-8723-bceab59b6d74.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8109
x-amzn-requestid: 39c9edcc-ea64-443e-82b3-230e41edbcb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFhHBG_HoAMF7Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634baef9-7d6e66cd2012a3e8607f0d28;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:12:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -mkpkDB8pmoOQhWZI82RUYjaqQmzCGXNyN5sr1TYXb2kTX16pMGJ_A==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 22:26:56 GMT
age: 62734
etag: "b488761c8ce781a44dcaf2e515ef548480dcd1bc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8109
Md5:    7fa30ef7eff515cfddf2f3b7ee67eb85
Sha1:   b488761c8ce781a44dcaf2e515ef548480dcd1bc
Sha256: 47c0e8ea9ef52c5d45dca54eb251d89983fba9937b7cf7872b065de04786f6ef
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F412682e9-14c9-40e4-bfec-f73f656f5e10.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5348
x-amzn-requestid: d44ded7c-15b6-4c30-a810-4af1edbb9bc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aPYYZEnboAMFcMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634fa102-6bdd3c1a2fa437b106f8ea79;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 07:02:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dx2yJ8T_lM1OMR3h0DUtiV359392U2UyReU6hi4tOxxbvFR0iZ_kAg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 22:01:40 GMT
age: 64250
etag: "4b5e283e4397985f837ab28d94c167ddfdb26c7c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5348
Md5:    37143b9d51a289f11607b6b0f9ba534a
Sha1:   4b5e283e4397985f837ab28d94c167ddfdb26c7c
Sha256: d664702a83cac4eaee1710fd03ca41e35d62ae699224490367e605b529e45566
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec9f432-15c2-48a5-a72c-411765b4b8bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10309
x-amzn-requestid: 440e8c86-be5e-47c5-8c91-a6b093b7077c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZkTaoHWCIAMFwsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e65dd-7a06ea100494b8db4b76c4ec;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 05:21:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MBUhf5kPAItEZUj03TKeekl9YXcbeh1KeoYnI4rb_v9eBptmVoEgAA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 22:03:35 GMT
age: 64135
etag: "a3e88fdb581161ee4a77a2e871b5dbf6438740ff"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10309
Md5:    d7d9a7abaf87962b855521efa710812f
Sha1:   a3e88fdb581161ee4a77a2e871b5dbf6438740ff
Sha256: 77c606ec418fdcf921011e7791c702a96ccb5ed9157988da3c7d9f2c460c2bbf
                                        
                                            GET / HTTP/1.1 
Host: instagramteam.rf.gd
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         185.27.134.33
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx
date: Sun, 23 Oct 2022 15:52:27 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - openphish: Instagram
    - fortinet: Phishing
                                        
                                            GET /?i=1 HTTP/1.1 
Host: instagramteam.rf.gd
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instagramteam.rf.gd/
Cookie: __test=7da11f1c3aec6fedc537eb0a7f6e670d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.27.134.33
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sun, 23 Oct 2022 15:52:27 GMT
vary: Accept-Encoding
cache-control: max-age=0
expires: Sun, 23 Oct 2022 15:52:27 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/style.css HTTP/1.1 
Host: instagramteam.rf.gd
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instagramteam.rf.gd/?i=1
Cookie: __test=7da11f1c3aec6fedc537eb0a7f6e670d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.27.134.33
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 23 Oct 2022 15:52:27 GMT
vary: Accept-Encoding
last-modified: Sat, 22 Oct 2022 19:36:37 GMT
cache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
expires: Tue, 22 Nov 2022 15:52:27 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - openphish: Instagram
                                        
                                            GET /errors/404/ HTTP/1.1 
Host: errors.infinityfree.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://instagramteam.rf.gd/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.26.8.174
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
date: Sun, 23 Oct 2022 15:52:28 GMT
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EO%2BxO6API5pZf41h05Siv5E8z10WrTm2av%2F5iIG21YghBNiBZu81ytbyestdMTNNXQCmNNJDkzV80Npb1VbrtWUcQfo0970GkiEzHOU015HOi4KjqeN7i3eKd1inO2m4IOuATT5UJror"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75eba3db6a9ab518-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---