Report - bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/

Report Overview

Submitted URL
bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/
IP
104.17.96.13
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-13 19:24:38
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	550 B	7.2 kB	104.17.24.14
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.4 kB	93.184.220.29
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	525 B	25 kB	69.16.175.10
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	57 kB	34.120.237.76
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	343 B	699 B	216.58.211.3
bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	101 kB	104.17.96.13
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	451 B	31 kB	142.250.74.106
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.214.13.109
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	457 B	16 kB	104.18.11.207
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	544 B	947 B	104.18.10.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-13 19:24:11	low	104.17.96.13	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
2023-01-13 19:24:11	low	104.17.96.13	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3
2023-01-13 19:24:11	low	104.17.96.13	Client IP	ETPRO INFO JavaScript Array Index Obfuscation Technique Inbound

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-13	medium	bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/	Webmail Providers
2023-01-13	medium	bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/	Webmail Providers
2023-01-13	medium	bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/	Webmail Providers
2023-01-13	medium	bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/	Webmail Providers

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-13	medium	bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/	Phishing
2023-01-13	medium	bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/js/jquery-1.11.1.min.js.download	Phishing
2023-01-13	medium	bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/images/favicons	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/	2.4 kB	2023-03-12	2023-03-12
Pretty URL bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/ IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:10:28 Last Seen2023-03-12 22:10:28 Times Seen1 Hash 3e3db9e3f6c743aff3b65a5725796ab4 627eda1aa9ab38a48fdbd01cf4b73ecc9a4e3577 0389a7a0d87e498131093790ad1d8da132c6b2a1be88ae25d812a06e87325183 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	19 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 07:35:43 Times Seen111713 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	70 kB	2023-03-07	2024-04-26
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-04-26 07:35:43 Times Seen106366 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-26
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 07:35:49 Times Seen244563 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-04-26
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 07:35:43 Times Seen137019 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/js/jquery-1.11.1.min.js.download	96 kB	2023-03-07	2024-04-26
Pretty URL bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/js/jquery-1.11.1.min.js.download IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 07:17:25 Times Seen46468 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/	4.7 kB	2023-03-07	2024-04-25
Pretty URL bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/ IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:23 Last Seen2024-04-25 19:34:37 Times Seen410 Hash cc4eeaf09c47b3cddb4b2a324cdc4fc7 cf15245e0999e084c0bc1a8701a9a136bf124670 2627e02287fb408227b1596d8cc4e4d89fb31f7ac4e8281bae80d9fd58ed2b5b Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 07:36:24 Times Seen384539 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

HTTP Transactions (31)

URL IP Response Size

bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/

104.17.96.13

200 OK

5.5 kB

URL HTTP/1.1
bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/
IP
104.17.96.13:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1720), with CRLF line terminators
Size
5.5 kB (5543 bytes)
Hash
b65da316145f795166bb1dd2376882d5
e1c70c2140733c4ef350f061a8c2a475dafe527b
d2afb12d76ab8caf9f608e84329e05bd340c1b732e062340bbb192fd4f26e098

Detections

Analyzer	Verdict	Alert
openphish	Webmail Providers
fortinet	Phishing

NIDS	Severity	Alert
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3
suricata	low	ETPRO INFO JavaScript Array Index Obfuscation Technique Inbound

HTTP Headers

GET / HTTP/1.1
Host: bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 19:24:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7890831eaaac0b61-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=29030400, immutable
ETag: W/"bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64"
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Headers: Content-Type, Range, User-Agent, X-Requested-With
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
X-Ipfs-Path: /ipfs/bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64/
X-Ipfs-Root: bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64
X-Ipfs-Roots: bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64
Set-Cookie: __cf_bm=PJBx2IxA0yjPnKsBllH_KXxgMOArT_ZjyBoUwiQRLgU-1673637867-0-AZghdJgvDTTqtpwULRuLbh+4Vhd/amKd6/+2qpF5OPnzp0KJvDKosEqq5wWseoeU3Yg9BT+Ek1CP4T0mFdNv9fc=; path=/; expires=Fri, 13-Jan-23 19:54:27 GMT; domain=.bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com; HttpOnly; SameSite=None
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cab5b63e128895128726181aff42e42e
d39c36237554fcd41addec0664d7fe7f7d157c06
18e82a5b82eb8f2d8b49df824c336015f19367c5a05467ad139a56db59f88852

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E82A5B82EB8F2D8B49DF824C336015F19367C5A05467AD139A56DB59F88852"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5046
Expires: Fri, 13 Jan 2023 20:48:33 GMT
Date: Fri, 13 Jan 2023 19:24:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4719
Expires: Fri, 13 Jan 2023 20:43:06 GMT
Date: Fri, 13 Jan 2023 19:24:27 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 13 Jan 2023 18:48:52 GMT
content-type: application/json
age: 2135
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
64765d3d978fd74d7bc47d55d4f097cf
92eb3f0d55ba99be28105c0b28ef7dd456817f1f
761aab02513e7a0ec55ea59109e88b39cbd4e17df0cd2035aa37a4693f22d1f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "761AAB02513E7A0EC55EA59109E88B39CBD4E17DF0CD2035AA37A4693F22D1F3"
Last-Modified: Thu, 12 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2708
Expires: Fri, 13 Jan 2023 20:09:35 GMT
Date: Fri, 13 Jan 2023 19:24:27 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Km2LpEbMwGtEjjVmNJJ/wij9YgNAXeLFTa74IfvGdtIYE57ycJIdAmC90aCiBUedbwYkyxqMEVE=
x-amz-request-id: 58Q39QS8C3G838RR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 13 Jan 2023 18:54:38 GMT
age: 1789
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.24.14

200 OK

6.2 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19015)
Size
6.2 kB (6157 bytes)
Hash
7b4114faa411d059a9a5ac4b5b4d9dee
277da4486916fa3a4ab3375f47bc98f58dbf90f6
60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com
Connection: keep-alive
Referer: http://bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 13 Jan 2023 19:24:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5450410
expires: Wed, 03 Jan 2024 19:24:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aU1Ar3iKIPsVxtTyrfz7Dnm1SMVCrUtGhhmrZhPb12jQYvdCKfldQ8z2FNqK4OhLoA8Wer%2Boe1smGmSE6Re8t0hfmSuk6jmCYB%2BccrzZRt8ueP6qqbapW0DIwYVVYdUiBnwQA3u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7890832169170b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 13 Jan 2023 19:24:27 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6ae46672a531108277946cabf6343d5b
dd8913bf08b7f43e8483f7bda5fbee49b549c6dd
6bbe4c2cf914b5e2f9f6000540c7675e4247d0af2bf0d3356077330d54a0b2dc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1598
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 19:24:27 GMT
Last-Modified: Fri, 13 Jan 2023 18:57:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6ae46672a531108277946cabf6343d5b
dd8913bf08b7f43e8483f7bda5fbee49b549c6dd
6bbe4c2cf914b5e2f9f6000540c7675e4247d0af2bf0d3356077330d54a0b2dc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1686
Cache-Control: max-age=114764
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 19:24:27 GMT
Etag: "63c0c6a1-117"
Expires: Sun, 15 Jan 2023 03:17:11 GMT
Last-Modified: Fri, 13 Jan 2023 02:49:05 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279

code.jquery.com/jquery-3.2.1.slim.min.js

69.16.175.10

200 OK

24 kB

URL HTTP/2
code.jquery.com/jquery-3.2.1.slim.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
30f5157a965bc792a83e9bacfe265f03
8330886371fe27f3cbac509e0ac9712207574c66
4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com
Connection: keep-alive
Referer: http://bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 13 Jan 2023 19:24:27 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CPv7hp4GEocBCiRiNjhkNGFhYy02NmU4LTQ4NzEtYTRkNS1iNDA4NTBmNGNhMDUQ+OiCoKvU+wIaBgjr34aeBiIMOTEuOTAuNDIuMTU0KNfHATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkYTJmNDFhY2ItYzZiZi00MWM2LWIxZjEtMjYyN2ZiNzU5OGE5GLC6ASIYCAISFGNkczIzNS5zazEuaHdjZG4ubmV0.rEKauXKvy6FGwYNjLylqXXIKKqxtvjj24nD/Z92SWsU=
x-hw: 1673637867.dop226.sk1.t,1673637867.cds245.sk1.hn,1673637867.cds235.sk1.c
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6ae46672a531108277946cabf6343d5b
dd8913bf08b7f43e8483f7bda5fbee49b549c6dd
6bbe4c2cf914b5e2f9f6000540c7675e4247d0af2bf0d3356077330d54a0b2dc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1598
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 19:24:27 GMT
Last-Modified: Fri, 13 Jan 2023 18:57:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.11.207

200 OK

15 kB

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (50758)
Size
15 kB (14935 bytes)
Hash
c7fd716a7971469ada337492675a75dc
3b72d0f83afe85f22499226fcc1fb983b32c2f11
cfa71ea3126b061840447ea7b253542b702a9d3101e0e531b97f5bba254f1cd6

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 13 Jan 2023 19:24:27 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 16681715
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78908321be62b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/js/jquery-1.11.1.min.js.download

104.17.96.13

200 OK

33 kB

URL HTTP/1.1
bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/js/jquery-1.11.1.min.js.download
IP
104.17.96.13:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32086)
Size
33 kB (33313 bytes)
Hash
5db8015e2476e469bb3c254a9d14d4bb
865959a823e513aeb22ffd0260b8aac01b9e1d2d
2b99d3a625ddfbe1a92214c091cb2e9f74914600d8b3ed8575a5473e74542f8c

Detections

Analyzer	Verdict	Alert
openphish	Webmail Providers
fortinet	Phishing

HTTP Headers

GET /js/jquery-1.11.1.min.js.download HTTP/1.1
Host: bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/

HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 19:24:27 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 789083213d560b61-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=29030400, immutable
ETag: W/"QmTna64iyzzsiYDke3tVqEtJ7gdfixxw6Cc2ZhzAitpi97"
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Headers: Content-Type, Range, User-Agent, X-Requested-With
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
X-Ipfs-Path: /ipfs/bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64/js/jquery-1.11.1.min.js.download
X-Ipfs-Root: bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64
X-Ipfs-Roots: bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64,QmVsKkwJ5gxiynHiobpRFaFWp4sX5pcMcYisYc6HebuNhQ,QmTna64iyzzsiYDke3tVqEtJ7gdfixxw6Cc2ZhzAitpi97
Set-Cookie: __cf_bm=evNmKjbnvWw_Gyef.hqVNbyEp5Y8Dwkytr2VYfnTXRA-1673637867-0-AeIgJOqMrQ8I8GYw69Ky7sJPeevB4TmncrNTWTGL4t+svSDo1707iqMkWR/HxG8OIIgmVbm6xR47lqHilXR5o+s=; path=/; expires=Fri, 13-Jan-23 19:54:27 GMT; domain=.bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com; HttpOnly; SameSite=None
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.106

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
6d973c8b7e2439d958e09c0a1ab9fe50
05ae0830200c20b9a2dfd5a825adc400481a60fb
f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 20:26:22 GMT
expires: Fri, 12 Jan 2024 20:26:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 82685
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/images/26-269507_arbys-logo-transparent-norton-secured-logo-png-png.png

104.17.96.13

200 OK

56 kB

URL HTTP/1.1
bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/images/26-269507_arbys-logo-transparent-norton-secured-logo-png-png.png
IP
104.17.96.13:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 860 x 460, 8-bit/color RGBA, non-interlaced\012- data
Size
56 kB (56109 bytes)
Hash
ce793ac1e75b3f60908cc6e3d63379e5
3bf1bad607d899bb91decb1bb0b32a0d82c233a8
42171d76548498998da88f032aba50a028b9481fd7004a9a3b5d3b8d98fe48a2

Detections

Analyzer	Verdict	Alert
openphish	Webmail Providers

HTTP Headers

GET /images/26-269507_arbys-logo-transparent-norton-secured-logo-png-png.png HTTP/1.1
Host: bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/

HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 19:24:28 GMT
Content-Type: image/png
Content-Length: 56109
Connection: keep-alive
CF-Ray: 789083225ac00b4d-OSL
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=29030400, immutable
ETag: "QmZ2xrcQrLaUZZ4EC1xsX3kvm5DdSCapKmBg3uCtxDNB2a"
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Headers: Content-Type, Range, User-Agent, X-Requested-With
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
X-Ipfs-Path: /ipfs/bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64/images/26-269507_arbys-logo-transparent-norton-secured-logo-png-png.png
X-Ipfs-Root: bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64
X-Ipfs-Roots: bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64,QmSrLc9ze3qBJyrVQxL4WpACYBjzQx9Hc46nW9xuAmLerL,QmZ2xrcQrLaUZZ4EC1xsX3kvm5DdSCapKmBg3uCtxDNB2a
Set-Cookie: __cf_bm=18O2WQ1jfptLm9a8OlHFI.vmtnLC_PPzBSxKOzAUey4-1673637868-0-AfVTWfV7zYPFUqDmwIqdA5i0gK84jd6ZxlpEN35Pjb1eJ5mx3z8LRCGGlaPCDM5LeWWGwPSwpODS/aaqtlSz184=; path=/; expires=Fri, 13-Jan-23 19:54:28 GMT; domain=.bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
709dbdc77e1779e7c77865fa27f2573a
8781ced82c5109fbe49e8897844c7c1b89f4c340
8b02e05fc2de10b7aa4115870138f3b4e2a1f79a844924d7c50072b002405dc1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 19:24:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/images/favicons

104.17.96.13

200 OK

492 B

URL HTTP/1.1
bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/images/favicons
IP
104.17.96.13:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
492 B (492 bytes)
Hash
3ca64f83fdcf25135d87e08af65e68c9
b82d0979d555bd137b33c15021129e06cbeea59a
2e30ff33270fd8687b0eb4d12652bfd967f23975f158bf8da93bece2ba4ab947

Detections

Analyzer	Verdict	Alert
openphish	Webmail Providers
fortinet	Phishing

HTTP Headers

GET /images/favicons HTTP/1.1
Host: bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/

HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 19:24:28 GMT
Content-Type: image/png
Content-Length: 492
Connection: keep-alive
CF-Ray: 789083225e87b50f-OSL
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=29030400, immutable
ETag: "QmahtpaoGcbB8D5DuH9t19auJRQHouqof4exbKZy9E9bBz"
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Headers: Content-Type, Range, User-Agent, X-Requested-With
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
X-Ipfs-Path: /ipfs/bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64/images/favicons
X-Ipfs-Root: bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64
X-Ipfs-Roots: bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64,QmSrLc9ze3qBJyrVQxL4WpACYBjzQx9Hc46nW9xuAmLerL,QmahtpaoGcbB8D5DuH9t19auJRQHouqof4exbKZy9E9bBz
Set-Cookie: __cf_bm=lW18C_7bmt5p0CIKgmIIazEj9ltBK.1X__vTlUycaLI-1673637868-0-ARyUIP7654ohj06Uzvr+6SWBfC0Y2t+a+s+iLuwiirbAHAlOE/gRCJvL9Iqt+5UQKcwLQ+cpqubZJvI7Qks0SzI=; path=/; expires=Fri, 13-Jan-23 19:54:28 GMT; domain=.bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 13 Jan 2023 18:33:45 GMT
age: 3043
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b1e3535cab3c1ac295b1412126a9325c
d1bdf1b8663817ae34b6182db29d6b20666779e7
90c4ecd4b0782647fd78110b5bacfb73d2b05aae4de789a90318574407dfb565

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1212
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 19:24:28 GMT
Last-Modified: Fri, 13 Jan 2023 19:04:16 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.214.13.109

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.214.13.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ItQXJXnnzfTI1XZ4Cs/UyA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: q714qeqj/GEz3uYff6qqoWxBNFg=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5298
Expires: Fri, 13 Jan 2023 20:52:47 GMT
Date: Fri, 13 Jan 2023 19:24:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5298
Expires: Fri, 13 Jan 2023 20:52:47 GMT
Date: Fri, 13 Jan 2023 19:24:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5298
Expires: Fri, 13 Jan 2023 20:52:47 GMT
Date: Fri, 13 Jan 2023 19:24:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb840d484-56de-4f38-ad4b-0cb93e4b1274.jpeg

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb840d484-56de-4f38-ad4b-0cb93e4b1274.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8785 bytes)
Hash
7c276d1876bfcc6ec4dfb94bcdd2f6c8
177a80d7d4d3fc273a712cada41abdd87b138a6c
abceeefeec2fc658e285a2898e38a36643501bfa1d66f33e216f100e456a8c06

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb840d484-56de-4f38-ad4b-0cb93e4b1274.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8785
x-amzn-requestid: 4844b27a-1080-4d95-9a35-c8ab7cdd9acb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eph7sEajoAMF_gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c07d17-2520efc6579a4fbc25cdb515;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RKH9tjX9MxE-NWDVWa4KZqrXKnzx-2200m_vm18DyYeWII0U6NgsVA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 22:00:02 GMT
etag: "177a80d7d4d3fc273a712cada41abdd87b138a6c"
content-type: image/jpeg
age: 77067
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6934d824-7534-44bc-aa4b-a15b6eb4c9c8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9432 bytes)
Hash
bb3062f9905c7c6f159cd203f5fdfe64
bcf17c475a27fae03369d1677dc0bedf6793e6b2
33dc1a810207f498c28b764cc26afa00b16594629ae6777957ccffd8e2c51f8e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6934d824-7534-44bc-aa4b-a15b6eb4c9c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9432
x-amzn-requestid: 2835c1c8-0a8e-4985-be89-d641d5425971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eph50HONIAMF3vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c07d0b-53c6156514cdb1a463add03b;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:35:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EOLxwKB_KBf_zkLlBLFn9nrDGM-FfONoTWUGR2093kLhka3wkb6yhg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 22:02:02 GMT
age: 76947
etag: "bcf17c475a27fae03369d1677dc0bedf6793e6b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9539 bytes)
Hash
a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: eb427fd6-c342-4a22-af45-ecc528cf4a8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: epfDqEAZIAMFudQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0787d-4f61ecd2422081224869da76;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:15:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RRMRT2BC5p1x0Vh20ut0Kjbz2mnaNToUIbzIg9oczduvzYCckvFORA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 06:50:08 GMT
age: 45261
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7792e19-fdcf-4706-b221-7d3353e6b9ae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5990 bytes)
Hash
ba61442e6ededd7b49f6244613df0e63
385f45b5920174ca20bcc2d9c02eedb4641f48a9
5e5cd1fd026dc72d0c3c5032fbae17f3383c64ee2714808c892c094353f31012

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7792e19-fdcf-4706-b221-7d3353e6b9ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5990
x-amzn-requestid: 54a83ca0-eb61-4212-8c98-e1e182b860ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ejsZiEeBoAMF7kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63be2770-3565b4d43d28ee3c0fd16ed0;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 03:05:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SUICoi37lPgXPQu4PTLCmc-6l2G9SHKz8f2qhZgHBMEbuuSi5zMiaQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 03:38:24 GMT
age: 56765
etag: "385f45b5920174ca20bcc2d9c02eedb4641f48a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa56e9680-25b8-493c-8831-f933aca26e52.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9697 bytes)
Hash
e514f1b711f68a1699f9d0d269ca9a8a
71621fabcc4ae2a8c3180e22e63fac1217c4032f
cc10cadc4477cc6faa1973343b9019b1b4bc94e5ec9fab114a4b755f24872f35

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa56e9680-25b8-493c-8831-f933aca26e52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9697
x-amzn-requestid: 6279e4e0-7268-422a-878c-3983bffa37d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: edG9MHqjoAMF3dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb8521-59063fac03eb407d74cabd38;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 03:08:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LdM05QUvlJcxt8IaDM9Wr4_CM5-SrhsBRAkVcdkVxNiyrJveNFHK9g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 05:12:42 GMT
age: 51107
etag: "71621fabcc4ae2a8c3180e22e63fac1217c4032f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6895 bytes)
Hash
51f29fa68742d72a5ad8ad54a973424d
4941e01c8718adfe7ce13d551e80549236e561df
83b4e946e058ae662e559703f64896ce4c5de969045cf8e3e00806297eab0007

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6895
x-amzn-requestid: 9367b7b5-6904-4308-85ca-69231b2d6fc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eXnqzFBlIAMFcQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b95311-5774375508659511014974c0;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 11:10:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iVPiVZnh-zRlIEguoiOssDfs0bg74oM1nZyUNfY5XqRIsE_KArUZhA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 21:46:34 GMT
age: 77875
etag: "4941e01c8718adfe7ce13d551e80549236e561df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com
Connection: keep-alive
Referer: http://bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6bln6trhjbjydm64.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 13 Jan 2023 19:24:27 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/25/2022 23:23:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 6ec73c950726ca7cdf7114a37ddfb3d8
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78908321bf5db50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations