r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8624
Expires: Mon, 12 Dec 2022 03:51:07 GMT
Date: Mon, 12 Dec 2022 01:27:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17659
Expires: Mon, 12 Dec 2022 06:21:42 GMT
Date: Mon, 12 Dec 2022 01:27:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 12 Dec 2022 01:08:33 GMT
content-type: application/json
age: 1130
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18399
Expires: Mon, 12 Dec 2022 06:34:02 GMT
Date: Mon, 12 Dec 2022 01:27:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4dns1WREq2Xv6v+5952Zrb6ll3LMLc1yFmD/lVSV3MGW8laV1cPMpDkK9cPrSxgSw7oMlCmDn/M2IJiFucHbYA==
x-amz-request-id: ANDSN60EE5A889DR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 12 Dec 2022 00:49:24 GMT
age: 2279
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 01:27:23 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
grantfairy.org/Secure/Edd.Ca/
200 OK 14 kB URL HTTP/2 grantfairy.org/Secure/Edd.Ca/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1272), with CRLF line terminators
Hash 4fc900d89148ca16a2f886b6e2062399
cf28495be263af0cffc8e828e739d9dd2b3aa2f4
d9060304eb807b5f0e1272f867983353cf3cbdde803a4aeb46a6207a7499b5f9
Analyzer Verdict Alert openphish Bank of America
fortinet Phishing
GET /Secure/Edd.Ca/ HTTP/1.1
Host: grantfairy.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=0555d8070239eb0c8c0e3eba2763d656; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 14473
content-type: text/html; charset=UTF-8
date: Mon, 12 Dec 2022 01:27:23 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 74d82b5960e5e12af402b01fa10b0829
4b80baad99eaafa43a8a78dbcd8e0df4141b3dd7
328abed4a3d2ea1d745c64c5c40925ae5efca25846d2e1c8457a030347473b51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 01:27:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
grantfairy.org/Secure/Edd.Ca/style.css
200 OK 948 B URL HTTP/2 grantfairy.org/Secure/Edd.Ca/style.css
IP
File type ASCII text, with very long lines (467), with CRLF line terminators
Hash e7847c3e306a3c2314e73f548fb814d3
99e6b7e72ee71611d4cd4aa3e42a9f56af7af94c
cfdded8e291805e9234e34770f754e0145503c383919bfdc42a78f12586f61e1
GET /Secure/Edd.Ca/style.css HTTP/1.1
Host: grantfairy.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grantfairy.org/Secure/Edd.Ca/
Cookie: PHPSESSID=0555d8070239eb0c8c0e3eba2763d656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 17:24:54 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 948
content-type: text/css
date: Mon, 12 Dec 2022 01:27:24 GMT
server: Apache
X-Firefox-Spdy: h2
grantfairy.org/Secure/Edd.Ca/img/boahead.JPG
200 OK 26 kB URL HTTP/2 grantfairy.org/Secure/Edd.Ca/img/boahead.JPG
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 884x216, components 3\012- data
Hash 5ab28e244edc94aa1b993a84e0702e66
67425529b0937819841bf84dc4cfff0824b1be4a
98850f349bbeebea3362ebc66c4317250bec0bec7378e6c8e1ed6ac6772af88e
Analyzer Verdict Alert fortinet Phishing
GET /Secure/Edd.Ca/img/boahead.JPG HTTP/1.1
Host: grantfairy.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grantfairy.org/Secure/Edd.Ca/
Cookie: PHPSESSID=0555d8070239eb0c8c0e3eba2763d656
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 00:41:30 GMT
accept-ranges: bytes
content-length: 25771
content-type: image/jpeg
date: Mon, 12 Dec 2022 01:27:24 GMT
server: Apache
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
File type ASCII text, with very long lines (65447)
Hash 7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grantfairy.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 22:30:58 GMT
expires: Wed, 06 Dec 2023 22:30:58 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 442586
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0f3dad0d025c4b6b8abd5d698f00cfbd
3a82ecac8709c7acd620316502a0e774ac3b1170
8d98454c05e1bfb1e534913e69fe76f4b0cb619c02626bcdc163f7be48b1621f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 01:27:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 12 Dec 2022 01:07:56 GMT
age: 1168
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
grantfairy.org/Secure/Edd.Ca/img/boamob-foot.JPG
200 OK 137 kB URL HTTP/2 grantfairy.org/Secure/Edd.Ca/img/boamob-foot.JPG
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 1192x1756, components 3\012- data
Size 137 kB (137008 bytes)
Hash 13b7346fa49a51e482a24c46fba51ba3
4f8feaa2afc6079963a96a6e67f350aa9c6af1c4
4ef1af1a486c12106c53cd3eaf7ad1a82af738d845f707bd83fc431cb7a0b08c
Analyzer Verdict Alert fortinet Phishing
GET /Secure/Edd.Ca/img/boamob-foot.JPG HTTP/1.1
Host: grantfairy.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grantfairy.org/Secure/Edd.Ca/
Cookie: PHPSESSID=0555d8070239eb0c8c0e3eba2763d656
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 03:17:04 GMT
accept-ranges: bytes
content-length: 137008
content-type: image/jpeg
date: Mon, 12 Dec 2022 01:27:24 GMT
server: Apache
X-Firefox-Spdy: h2
grantfairy.org/Secure/Edd.Ca/logscript.js
200 OK 1.3 kB URL HTTP/2 grantfairy.org/Secure/Edd.Ca/logscript.js
IP
File type ASCII text, with CRLF line terminators
Hash a53a7173bec29aefcb111d3aa8819f13
b2509961fab758c0027a63311b16d4d3b4ca35f3
822c2ef3292419d5229bbc22ca5c030dfea342440a6ead07f288287a04a6d0ea
Analyzer Verdict Alert fortinet Phishing
GET /Secure/Edd.Ca/logscript.js HTTP/1.1
Host: grantfairy.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grantfairy.org/Secure/Edd.Ca/
Cookie: PHPSESSID=0555d8070239eb0c8c0e3eba2763d656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 24 Jun 2022 15:26:12 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1270
content-type: application/javascript
date: Mon, 12 Dec 2022 01:27:24 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash e12bb655426d080117693ba116f398cf
8fe1f7f8d0b191baed2decba3523656da97077f5
2c25ba0d1c806de98d5489934acd8e2f17487e4f7e40c7f0d39094ce49f91b8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3291
Cache-Control: max-age=117263
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 01:27:24 GMT
Etag: "63959db0-1d7"
Expires: Tue, 13 Dec 2022 10:01:47 GMT
Last-Modified: Sun, 11 Dec 2022 09:06:56 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
grantfairy.org/Secure/Edd.Ca/img/favicon.png
200 OK 15 kB URL HTTP/2 grantfairy.org/Secure/Edd.Ca/img/favicon.png
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash b3a10cef527fe85988cdf637b463fe6b
0eec538a4d262acb152dbc29ed5c660929494022
69031c7ce2b40a9bd4e86f3f7e9af80c35dcfa2fa31ff458d7ff64286f729ef3
GET /Secure/Edd.Ca/img/favicon.png HTTP/1.1
Host: grantfairy.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grantfairy.org/Secure/Edd.Ca/
Cookie: PHPSESSID=0555d8070239eb0c8c0e3eba2763d656
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 28 Nov 2021 00:05:24 GMT
accept-ranges: bytes
content-length: 15036
content-type: image/png
date: Mon, 12 Dec 2022 01:27:24 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TtwlCGIJ9rnKrMtEIWzWHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I0p2ONu44jdGtyJSzWQmUaof31o=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5634
Expires: Mon, 12 Dec 2022 03:01:20 GMT
Date: Mon, 12 Dec 2022 01:27:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5634
Expires: Mon, 12 Dec 2022 03:01:20 GMT
Date: Mon, 12 Dec 2022 01:27:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5634
Expires: Mon, 12 Dec 2022 03:01:20 GMT
Date: Mon, 12 Dec 2022 01:27:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5634
Expires: Mon, 12 Dec 2022 03:01:20 GMT
Date: Mon, 12 Dec 2022 01:27:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b29987-02fd-4d31-922b-982bc01fc707.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b29987-02fd-4d31-922b-982bc01fc707.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c6b849c6f129763fdb8cb8e204c4061
85c2634af4069eed597ee1c3d469234f948ffe30
e3199deebec60704cfcc2ade400cf7a676cc29571604904decf72fdae77218af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b29987-02fd-4d31-922b-982bc01fc707.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11031
x-amzn-requestid: 69574045-a0a8-43d6-9d8d-55882e45da77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAEM0HIWIAMFaJA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d85-6815de4f3eec22984800e99b;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L8bSONyZ4Sppy_T6TZjFUz19FsRQRqRGALg4Ttr1cuHPYJxdZwk9VA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 22:13:54 GMT
age: 11612
etag: "85c2634af4069eed597ee1c3d469234f948ffe30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0390c9a7-2a65-4e1b-9c8b-45222a247a55.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0390c9a7-2a65-4e1b-9c8b-45222a247a55.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91e4f8a8d8b122269b2e42a641fc9d14
a6e47d199bdf4042e550eec74b6681437369d12e
83ef5419fcc048ab8cd25291249c9e48c85ff06c4ac16fc2b3441ebe3acd473e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0390c9a7-2a65-4e1b-9c8b-45222a247a55.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6117
x-amzn-requestid: a86f2fd4-3ab6-48d2-9a2c-ff682799101b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENkEjUoAMFvwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d89-1fdf17e33691cdf409bc240d;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: APnfVegVLgywMShYZJrKH22GK9XXM0BLDn6KSI57uwyVgNCXBj9aQA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:58:42 GMT
age: 12524
etag: "a6e47d199bdf4042e550eec74b6681437369d12e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dc3da96-5b77-4fb2-bc43-14a2303cf2ab.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dc3da96-5b77-4fb2-bc43-14a2303cf2ab.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df5aef8a4b47db2eff330ac8df5cb601
70b17a00792b42e3ed26d06b92461b2de090f1e5
2c5962564e4e04e58c583b2708e8d8a1c610843fc53a29cc66bf87e6706a57d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dc3da96-5b77-4fb2-bc43-14a2303cf2ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11578
x-amzn-requestid: 3ba66794-67ea-422f-b58b-b9654901c93c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENsFBWoAMF14Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d8a-0fdc76563f14abfd005edaa3;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Xw4kjQs7I3e31bExMBbdJDIIIfXBwTFpDHWBU0Fa4ipYLvHafl__AQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:59:55 GMT
etag: "70b17a00792b42e3ed26d06b92461b2de090f1e5"
content-type: image/jpeg
age: 12451
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38876d760ef06c8471468c474c1e28a7
d43cd03d5eb3e7618b6fb70c935010c2ac92ad32
a0747f29eb6084eef42d3c247594973b02c619c7ec56b6137e24b6d0362557a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4720
x-amzn-requestid: dd990fe1-8447-403e-b276-40889af5baa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENuF6SoAMF7oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d8a-59b5a8f92ef6111e64e16079;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kwweq9Tz-UmF0uP_LKgkPlXwvak8U55ZoBW37FyytkDV0peSujBf5Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 22:16:48 GMT
age: 11438
etag: "d43cd03d5eb3e7618b6fb70c935010c2ac92ad32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31846d25-a332-413d-b165-920d614e4459.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31846d25-a332-413d-b165-920d614e4459.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e259f6cfee2d6c0e6ed8f96667e49d29
e82afaa50d42a9f4f90681c20dfa4b6b0fbf0203
b7c94aa74cbb7477541aee3382a8754b2ece20f647366aab6743fddac2cfbb8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31846d25-a332-413d-b165-920d614e4459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6907
x-amzn-requestid: 6fe7f356-3243-4bd0-b3b4-6a372b0b50be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD7RGx2IAMFk8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d14-0313b6d539d75742114dab10;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:35:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xVD9tE77stQz0W8-59L1GvXaziDHQce7zswS48xfDK9P5m0AXXSjZA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:35:17 GMT
etag: "e82afaa50d42a9f4f90681c20dfa4b6b0fbf0203"
content-type: image/jpeg
age: 13929
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86bce3d677c0dd541440ebf38920020d
f11e21b6ad97e07b1d7103ad40a2e158e06fda73
9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A--8wjYJWCj_JD6eaj3FoD0dLarj6gvH2uQrmsEDLgPwZdQgtUmaoA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:34:48 GMT
age: 13958
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
grantfairy.org/Secure/Edd.Ca/img/boafoot.JPG
200 OK 0 B URL HTTP/2 grantfairy.org/Secure/Edd.Ca/img/boafoot.JPG
IP
Analyzer Verdict Alert fortinet Phishing
GET /Secure/Edd.Ca/img/boafoot.JPG HTTP/1.1
Host: grantfairy.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grantfairy.org/Secure/Edd.Ca/
Cookie: PHPSESSID=0555d8070239eb0c8c0e3eba2763d656
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 03:05:00 GMT
accept-ranges: bytes
content-length: 179524
content-type: image/jpeg
date: Mon, 12 Dec 2022 01:27:24 GMT
server: Apache
X-Firefox-Spdy: h2
67.43.13.183
23.36.76.226
93.184.220.29