Report - it.gratissesso.me/click?o=262&a=4197

Report Overview

Submitted URL
it.gratissesso.me/click?o=262&a=4197
IP
3.66.74.238
ASN
#16509 AMAZON-02
Submitted
2022-12-05 01:48:38
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ssl.scaletrk.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	979 B	2.6 kB	18.194.62.185
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	48 kB	34.120.237.76
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	2.0 kB	143.204.42.88
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.131
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	846 B	2.5 kB	142.250.74.106
it.gratissesso.me	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	832 B	740 B	18.194.62.185
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
cdn-dimi.akamaized.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.0 kB	2.0 MB	184.31.15.67
lavavq.amazlngdate.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	50 kB	52.19.101.114
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.161.230.192
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	976 B	34 kB	216.58.207.227
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	11 kB	216.58.211.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	lavavq.amazlngdate.com/ortb	Phishing
2022-12-05	medium	lavavq.amazlngdate.com/js/pushjs/1.0.0/utils.js	Phishing
2022-12-05	medium	lavavq.amazlngdate.com/js/pushjs/1.0.0/subscriber.js	Phishing
2022-12-05	medium	lavavq.amazlngdate.com/js/service-worker.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	www.gstatic.com/firebasejs/5.0.2/firebase-app.js	25 kB	2023-03-07	2024-04-21
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-app.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-21 23:30:58 Times Seen10994 Hash 9164d0e8a317eceb870cca88c9683127 4617c910005f7100b4ff26a458a8b4463e33cdc6 15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931 Loading...

	lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&click_id=9a147a18616fafbc3a5209726e5cdb89&j1=1	2.6 kB	2023-03-08	2023-03-08
Pretty URL lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&click_id=9a147a18616fafbc3a5209726e5cdb89&j1=1 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:29:23 Last Seen2023-03-08 16:29:23 Times Seen1 Hash d2a0008e0188fd963277826455ef4a33 7c6a29035f7825ae6ee36bc0427c44d7d2ac61f9 864d13545608ff2da2dd24c03610d2cc7f2ec488ed1f30b1046ad3acdaabb1ac Loading...

	lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&click_id=9a147a18616fafbc3a5209726e5cdb89&j1=1	324 B	2023-03-08	2023-03-08
Pretty URL lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&click_id=9a147a18616fafbc3a5209726e5cdb89&j1=1 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:29:23 Last Seen2023-03-08 16:29:23 Times Seen1 Hash 9116a8e10c0055c84928281c50479e80 adb37efe7d39957a6b6cfa2b37083e298de7df04 dff649de9abc2345d6c06107e90e38d21541724fbc1711c726dfe39da614215a Loading...

	cdn-dimi.akamaized.net/landings/277386/1669909407/js/vegas.js?1669909407	12 kB	2023-03-07	2024-03-04
Pretty URL cdn-dimi.akamaized.net/landings/277386/1669909407/js/vegas.js?1669909407 IP 184.31.15.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-03-04 11:45:24 Times Seen2745 Hash 9acc66fdf18dea05bd75165eb5a96259 f613c52a08155727d4f07536d7bc8df5b6fa0c84 4941450491d73ab79ffb428e660c4cb581acbbad86edf8e943211ea51fe3a6c1 Loading...

	cdn-dimi.akamaized.net/landings/277386/1669909407/js/translates.js?1669909407	28 kB	2023-03-07	2023-11-27
Pretty URL cdn-dimi.akamaized.net/landings/277386/1669909407/js/translates.js?1669909407 IP 184.31.15.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:19 Last Seen2023-11-27 04:28:25 Times Seen1471 Hash 07cee83d1be10af1ca991d1c60abd6e2 b5f142d6aac82ede612b6cf96b1e7f25d797e87a 6fc50a9d3f16721904905fa44980c6cac2e3e82f5da71c18f84d289dd1bc54d3 Loading...

	lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&s5=backuser&click_id=9a147a18616fafbc3a5209726e5cdb89&iexpp=1&j1=1	59 B	2023-03-07	2024-01-30
Pretty URL lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&s5=backuser&click_id=9a147a18616fafbc3a5209726e5cdb89&iexpp=1&j1=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:54:41 Last Seen2024-01-30 00:06:54 Times Seen271 Hash 9d332ab7a1f65ecaa6935dfd69626832 d1f094a412afb0760ed2b02f2a8c35b897e4a38f 92f281629763a7f249bf5cbd234f52fb549bd29f364dc51b34cb8621b42d7c02 Loading...

	lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&s5=backuser&click_id=9a147a18616fafbc3a5209726e5cdb89&iexpp=1&j1=1	25 B	2023-03-07	2024-02-05
Pretty URL lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&s5=backuser&click_id=9a147a18616fafbc3a5209726e5cdb89&iexpp=1&j1=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:52 Last Seen2024-02-05 05:17:29 Times Seen574 Hash 2d41d60a42497a65eec45b94de3c8bba ae34889e77f52741f04772e8ea5a012b45f1fb69 28cff31264d4ffb57f25808f303a8e26c94ff6eb2337314d471c5a936d433dba Loading...

	lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&s5=backuser&click_id=9a147a18616fafbc3a5209726e5cdb89&iexpp=1&j1=1	1.1 kB	2023-03-08	2024-01-30
Pretty URL lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&s5=backuser&click_id=9a147a18616fafbc3a5209726e5cdb89&iexpp=1&j1=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:05:28 Last Seen2024-01-30 00:06:54 Times Seen364 Hash bbb1620627154e4d1dfe6f2311527a09 4ee6ef04a16d55e01adc79d286b2e228a20fb84b e91bc30aa3f8d254b591ba919d0310d22b54a570dba39128daa03e891552357e Loading...

	lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&s5=backuser&click_id=9a147a18616fafbc3a5209726e5cdb89&iexpp=1&j1=1	48 B	2023-03-08	2023-03-13
Pretty URL lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&s5=backuser&click_id=9a147a18616fafbc3a5209726e5cdb89&iexpp=1&j1=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:41 Last Seen2023-03-13 08:44:38 Times Seen1 Hash 0a83c649b594c215f1e893f12f119d9a 7c55ba789c4867f121508afbd5ba85fff36e60dc 13bfd1183c683be9595b7ffb28cbe005d0120433c0b1b75d2b1d3cb3839ca003 Loading...

	lavavq.amazlngdate.com/js/pushjs/1.0.0/subscriber.js	9.4 kB	2023-03-07	2023-05-23
Pretty URL lavavq.amazlngdate.com/js/pushjs/1.0.0/subscriber.js IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2023-05-23 11:55:13 Times Seen1847 Hash eaaa22632bcced1b4a2bad3c22bd618f c5bb4097ff0b252c19671985d5d431dfd6bb7281 20a2729b7c4f4c6a0dd2e80500284bd8c0e84e3e4076eb6a248e2951fec0c550 Loading...

	lavavq.amazlngdate.com/js/pushjs/1.0.0/utils.js	7.1 kB	2023-03-07	2024-04-21
Pretty URL lavavq.amazlngdate.com/js/pushjs/1.0.0/utils.js IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-21 23:30:57 Times Seen4796 Hash 711c7ecda710a342d24faef1dec76ede d1b38489603a2aecc2be5edb4fa4cd8d442fe727 41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb Loading...

	ssl.scaletrk.com/click?o=144&a=4197&sub_id1=&sub_id2=&sub_id3=	171 B	2023-03-08	2023-03-08
Pretty URL ssl.scaletrk.com/click?o=144&a=4197&sub_id1=&sub_id2=&sub_id3= IP 18.194.62.185 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:29:23 Last Seen2023-03-08 16:29:23 Times Seen1 Hash 3c253ae6b8fad25e48a6ba4ccbf51fb8 1719868e8f56472b700e0758e753ed0c5efbe924 313779f50a791fc461c31df98f830a897e693d46b76594e0eec101ca4b3c8558 Loading...

	lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&click_id=9a147a18616fafbc3a5209726e5cdb89&j1=1	2.0 kB	2023-03-08	2023-03-08
Pretty URL lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&click_id=9a147a18616fafbc3a5209726e5cdb89&j1=1 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:29:23 Last Seen2023-03-08 16:29:23 Times Seen1 Hash d5c6e42d0a741ae3760aab5b869e4c2b 0b4d23e7165b51d5277d29941dbd74074fbee5ad 8fe9a282c9dcbe53a4a37f0b7340c5a9361db38e1c2d5a09db76beddfa509324 Loading...

	lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&click_id=9a147a18616fafbc3a5209726e5cdb89&j1=1	3.1 kB	2023-03-08	2023-03-08
Pretty URL lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&click_id=9a147a18616fafbc3a5209726e5cdb89&j1=1 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:29:23 Last Seen2023-03-08 16:29:23 Times Seen1 Hash fc785cdb94989028bc0c3a0ed9f0ed44 bda2a5c39a16b296fb568566fa15a32d28e35a49 30eb94c8bc830cb0d24e6f2c22bfdce8782a8691b86639ee928757e66b06122a Loading...

	lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&click_id=9a147a18616fafbc3a5209726e5cdb89&j1=1	7.3 kB	2023-03-08	2023-03-08
Pretty URL lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&click_id=9a147a18616fafbc3a5209726e5cdb89&j1=1 IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:29:23 Last Seen2023-03-08 16:29:23 Times Seen1 Hash 9889c1999f04ebb52f709a935f29c623 ff207398d02a697e9c7be5ebd6fad8b05e8135cd 82e11a8bdf566372122c4d31c6af3b64447646ba5ddee8e1173240844f8a1fad Loading...

	cdn-dimi.akamaized.net/landings/277386/1669909407/js/title_tanslate.js?1669909407	3.0 kB	2023-03-08	2024-04-19
Pretty URL cdn-dimi.akamaized.net/landings/277386/1669909407/js/title_tanslate.js?1669909407 IP 184.31.15.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:05:28 Last Seen2024-04-19 20:40:42 Times Seen3631 Hash 5f373fa5bf21c44b9ad23b70ef96e73d 068ef5b63ab18924a286f2c0c3ec46545e08c678 7f40bc2c95ee280de5320ae7d33f2e57eeeb0cda5b5820f2c456a0c9ba50ed77 Loading...

	lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&s5=backuser&click_id=9a147a18616fafbc3a5209726e5cdb89&iexpp=1&j1=1	3.4 kB	2023-03-08	2023-03-08
Pretty URL lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&s5=backuser&click_id=9a147a18616fafbc3a5209726e5cdb89&iexpp=1&j1=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:29:22 Last Seen2023-03-08 16:29:23 Times Seen1 Hash 266651d0caf9d3e080277f5c0eb55f7d f87d74cbb5a48eac353fd33f362e2745cbc2e28b c1ca4fc98d77d242400ad991e73ba92434e7d62420c77e8cc14a714ee9f0fa3a Loading...

	cdn-dimi.akamaized.net/landings/277386/1669909407/js/jquery-2.2.4.min.js?1669909407	86 kB	2023-03-07	2024-04-23
Pretty URL cdn-dimi.akamaized.net/landings/277386/1669909407/js/jquery-2.2.4.min.js?1669909407 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-23 19:01:01 Times Seen383087 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	cdn-dimi.akamaized.net/landings/277386/1669909407/js/function.js?1669909407	4.2 kB	2023-03-07	2024-01-30
Pretty URL cdn-dimi.akamaized.net/landings/277386/1669909407/js/function.js?1669909407 IP 184.31.15.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-01-30 06:51:41 Times Seen1355 Hash 5da2c51949f2a873bf0091a104658e72 89d122a536af95bd4183de41fa10e6947c9806e8 80a1aae3b07ee310419c80f52fb2f179bfebc74bf46598bc6b041455feef3201 Loading...

	cdn-dimi.akamaized.net/landings/277386/1669909407/js/tn_pHash.js?1669909407	252 B	2023-03-07	2023-12-04
Pretty URL cdn-dimi.akamaized.net/landings/277386/1669909407/js/tn_pHash.js?1669909407 IP 184.31.15.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:19 Last Seen2023-12-04 06:45:22 Times Seen1475 Hash 3544c08851825a863747a126548d6993 01882998e61b9f93d5f346386fa633f6b8d95b2d 9804b1c7443db74b2d7fe81cf11d84c8f0d9a7dee281b4fe8c15552bdc7eed69 Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js	36 kB	2023-03-07	2024-04-21
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-21 23:30:58 Times Seen11070 Hash 0cb7a0eb328ea70ab360f861314c8820 e3e20eb50dae36f4cbcef1890b1cc7878acb537a 4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9 Loading...

HTTP Transactions (54)

URL IP Response Size

it.gratissesso.me/click?o=262&a=4197

18.194.62.185

301 Moved Permanently

134 B

URL HTTP/1.1
it.gratissesso.me/click?o=262&a=4197
IP
18.194.62.185:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /click?o=262&a=4197 HTTP/1.1
Host: it.gratissesso.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Mon, 05 Dec 2022 01:48:27 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://it.gratissesso.me:443/click?o=262&a=4197

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11863
Expires: Mon, 05 Dec 2022 05:06:10 GMT
Date: Mon, 05 Dec 2022 01:48:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3454
Expires: Mon, 05 Dec 2022 02:46:01 GMT
Date: Mon, 05 Dec 2022 01:48:27 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 384
Cache-Control: max-age=118154
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:48:27 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:37:41 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: MXVAdAxtdkWkhZ8ZhSXMg7K1aBqokL2nEO3sHIoFUXxb/2Dzc0P0Y4PtZqXCeZejofzFR41mxzs=
x-amz-request-id: WK6609A4G295GAJT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 01:47:47 GMT
age: 40
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 01:20:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1697
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 01:48:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
acd98f4b96ee7ff4acfdd43db7b7be7e
32e45b514aaa677e7864930c611dfbb6d4319f02
70b986a8f49941c56ce1c211ba42bc54fc5823237600749fb161a9e57849f660

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153035
Date: Mon, 05 Dec 2022 01:48:27 GMT
Etag: "638d00b6-1d7"
Expires: Tue, 06 Dec 2022 20:19:02 GMT
Last-Modified: Sun, 04 Dec 2022 20:19:02 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _HUwZqtMZyF3GqbmJ1fPEink249FikNciqAgfVXfqlj2jhLtSJwtBQ==

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 01:08:58 GMT
cache-control: public,max-age=3600
age: 2369
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 373
Cache-Control: max-age=113077
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:48:27 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:13:04 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1c8d0ec53dd5a4db841b9bc14b823715
855eabefa211e5702a2fa9f8ae78a8a85721229b
b7a8be291195777ecfc9ecd1370cf1987dd6f5cbb85355ce379c14d0e79afd9d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90592
Date: Mon, 05 Dec 2022 01:48:28 GMT
Etag: "638bff5b-1d7"
Expires: Tue, 06 Dec 2022 02:58:20 GMT
Last-Modified: Sun, 04 Dec 2022 02:00:59 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HMcSM6kAGasSUqfjHxfH5VWM30Mw7nteJaGjA3uVYMRqVwddob7LYQ==
Age: 3441

push.services.mozilla.com/

35.161.230.192

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.230.192:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fgKADdw+C9kAEV/wXDy3NA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PFW9fyE61T9sePMi3L1BIw6oXrM=

ssl.scaletrk.com/favicon.ico

18.194.62.185

200 OK

318 B

URL HTTP/2
ssl.scaletrk.com/favicon.ico
IP
18.194.62.185:0
ASN
#16509 AMAZON-02

File type
MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Size
318 B (318 bytes)
Hash
a976d227e5d1dcf62f5f7e623211dd1b
a2a9dc1abdd3d888484678663928cb024c359ee6
66332859bd8e3441a019e073a318b62a47014ba244121301034b510dc7532271

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ssl.scaletrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: U-0a09c8844ba8f0936c20bd791130d6b6=unique; o_0a09c8844ba8f0936c20bd791130d6b6=c386d994-4f51-4999-943f-e4824409a93a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 01:48:28 GMT
content-type: image/x-icon
content-length: 318
server: nginx/1.20.0
last-modified: Tue, 04 May 2021 06:35:26 GMT
etag: "6090eb2e-13e"
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e6ff8b0ec80e5b296c351deaadaf68aa
508eeaebd42e46fc88b458c3814d97adee554a70
5d32e74f96a8923558c20f2d1faf8b8c1b3e8085de468bc4fbfb8b35376f66e6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D32E74F96A8923558C20F2D1FAF8B8C1B3E8085DE468BC4FBFB8B35376F66E6"
Last-Modified: Sun, 04 Dec 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21586
Expires: Mon, 05 Dec 2022 07:48:14 GMT
Date: Mon, 05 Dec 2022 01:48:28 GMT
Connection: keep-alive

cdn-dimi.akamaized.net/landings/277386/1669909407/js/vegas.js?1669909407

184.31.15.67

200 OK

3.4 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277386/1669909407/js/vegas.js?1669909407
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (11568), with CRLF line terminators
Size
3.4 kB (3401 bytes)
Hash
156c4046496d16408b06eb605ce1ab09
0dde2c6bbb3cf64132989866bdc1161be62474e3
657aac4fd9cd122e452b9da290c486d115af6b8fe8d409f39ab1d1d3dff44144

HTTP Headers

GET /landings/277386/1669909407/js/vegas.js?1669909407 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: AzWTgxA1EYDkCxXnPxK3NQ4dC03GxpIRWjDuwuksfbqNIua+juF+XY5+0w+cr1KWxMvrJkc+pa0=
x-amz-request-id: F4ZGFFVKRD9H4W38
Last-Modified: Thu, 01 Dec 2022 15:43:31 GMT
ETag: "9acc66fdf18dea05bd75165eb5a96259"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 01:48:28 GMT
Content-Length: 3401
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277386/1669909407/js/function.js?1669909407

184.31.15.67

200 OK

688 B

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277386/1669909407/js/function.js?1669909407
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
688 B (688 bytes)
Hash
ba7deda1bcbc1e2d5c127678e05b71a1
4707fef7ab43a522b3cf7f5c0db4c148c5a43701
303187afb2cbbbf6095724df7eaf8c7967bb019dc17e1224d9e2366ac7f381c5

HTTP Headers

GET /landings/277386/1669909407/js/function.js?1669909407 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: jdkVjiUzN9R4hVRXtlQzkLqbtD4twntxos4GyIRm2jvlkzsB3i6SSNEcvYth/KlfY7nX1sls+Kk=
x-amz-request-id: F4ZYTH1Y8X1VDBZH
Last-Modified: Thu, 01 Dec 2022 15:43:31 GMT
ETag: "5da2c51949f2a873bf0091a104658e72"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 01:48:28 GMT
Content-Length: 688
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ssl.scaletrk.com/click?o=144&a=4197&sub_id1=&sub_id2=&sub_id3=

18.194.62.185

200 OK

1.6 kB

URL HTTP/2
ssl.scaletrk.com/click?o=144&a=4197&sub_id1=&sub_id2=&sub_id3=
IP
18.194.62.185:0
ASN
#16509 AMAZON-02

File type
data
Size
1.6 kB (1562 bytes)
Hash
e749176a525edd8240a7967aad2b3f9b
1ab84b49b88cb8b26b32caf74a911f767d50eb7f
f8fed49cfa25d57fccb909a6609a7c60f4970435939fdba49ef4387cee92b0a5

HTTP Headers

GET /click?o=144&a=4197&sub_id1=&sub_id2=&sub_id3= HTTP/1.1
Host: ssl.scaletrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 05 Dec 2022 01:48:28 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
set-cookie: U-0a09c8844ba8f0936c20bd791130d6b6=unique; expires=Wed, 04-Jan-2023 01:48:28 GMT; Max-Age=2592000; path=/; secure; SameSite=None
o_0a09c8844ba8f0936c20bd791130d6b6=c386d994-4f51-4999-943f-e4824409a93a; expires=Mon, 12-Dec-2022 01:48:28 GMT; Max-Age=604800; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/277386/1669909407/css/style.css?1669909407

184.31.15.67

200 OK

3.0 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277386/1669909407/css/style.css?1669909407
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
3.0 kB (2984 bytes)
Hash
45b696d932f6034af46e1171af670342
7432b83f1e41640a2b4e0f8072a55574dabdf9ca
f57937b10af37b37ba0cd80c64f82401991e77268ec1e77b145ea45f232b94af

HTTP Headers

GET /landings/277386/1669909407/css/style.css?1669909407 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: eDKQCOO8EbotGt7JV2C+B2IdSpwyuO4oztYiLwmbEaRh2GisJ03jwb3LdGHYrc56trxvMKmgpBY=
x-amz-request-id: F4ZX1P6HD5GD8ZG7
Last-Modified: Thu, 01 Dec 2022 15:43:31 GMT
ETag: "b000a53bd6d98047071cbf187037933f"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 01:48:28 GMT
Content-Length: 2984
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277386/1669909407/js/translates.js?1669909407

184.31.15.67

200 OK

10 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277386/1669909407/js/translates.js?1669909407
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text
Size
10 kB (10048 bytes)
Hash
f54e5331f7d782d475a884cce1db33fd
d5145e3ebcab1a21d4cdff8632c9901db93b962f
73c4aa8abb0450fbb7eef37c3afc3d6f11f0c2bc3f0a101323364b59298e4e2f

HTTP Headers

GET /landings/277386/1669909407/js/translates.js?1669909407 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 7/MZUupZLENWZWsYX5zBnZEnTZ1yuxUyi3lO6hYmN3tgs8KhmdUoMVeMDZrNZ3aCIeCpBuN1Hf0=
x-amz-request-id: F4ZM0VZF1NT6XT0K
Last-Modified: Thu, 01 Dec 2022 15:43:31 GMT
ETag: "07cee83d1be10af1ca991d1c60abd6e2"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 01:48:28 GMT
Content-Length: 10048
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277386/1669909407/js/tn_pHash.js?1669909407

184.31.15.67

200 OK

252 B

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277386/1669909407/js/tn_pHash.js?1669909407
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
252 B (252 bytes)
Hash
3544c08851825a863747a126548d6993
01882998e61b9f93d5f346386fa633f6b8d95b2d
9804b1c7443db74b2d7fe81cf11d84c8f0d9a7dee281b4fe8c15552bdc7eed69

HTTP Headers

GET /landings/277386/1669909407/js/tn_pHash.js?1669909407 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: VU8bqDWEnrBHlXxu7RQZ6/WShBvjaxD6wubk6i1HDUfSzKxHMmhw+VehS/FS+dhuNbt5QjQJqRc=
x-amz-request-id: GHSQDCH4WE22TKGA
Last-Modified: Thu, 01 Dec 2022 15:43:31 GMT
ETag: "3544c08851825a863747a126548d6993"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 252
Date: Mon, 05 Dec 2022 01:48:28 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277386/1669909407/js/title_tanslate.js?1669909407

184.31.15.67

200 OK

1.3 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277386/1669909407/js/title_tanslate.js?1669909407
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
1.3 kB (1298 bytes)
Hash
0e212ad4454c941c45c2e57df42c2b4f
fe9d7c484c2c0d7a6475692ef984c53a06c95406
e950a9e5e696f39d02028b27a4cd82fab1b6fd07fa34a238d3a3f7f5e90d95c3

HTTP Headers

GET /landings/277386/1669909407/js/title_tanslate.js?1669909407 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: q1qXJ5V48j4I2ST+RyWnumeL4IP2r9H/XyHC3KgV35R+aNqfOuakIHBXCNH5HyeNEc8Lu90RTO8=
x-amz-request-id: GHSQM2NWDTPGXTJ0
Last-Modified: Thu, 01 Dec 2022 15:43:31 GMT
ETag: "5f373fa5bf21c44b9ad23b70ef96e73d"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 01:48:28 GMT
Content-Length: 1298
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&click_id=9a147a18616fafbc3a5209726e5cdb89&j1=1

52.19.101.114

200 OK

36 kB

URL HTTP/2
lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&click_id=9a147a18616fafbc3a5209726e5cdb89&j1=1
IP
52.19.101.114:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32065)
Size
36 kB (36286 bytes)
Hash
95014a06e2751d40f046945e31123a43
8d55b596b2063b05ec490872aafc951910c79cbf
e800e0464229941e671326e4f1458325d5a6d500508c988661684f7dc3482158

HTTP Headers

GET /c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&click_id=9a147a18616fafbc3a5209726e5cdb89&j1=1 HTTP/1.1
Host: lavavq.amazlngdate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 01:48:28 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=638c5ec2000cc264; Path=/; Expires=Fri, 03 Feb 2023 01:48:28 GMT; Secure; SameSite=None
unique_id2=638d327e0009039c; Path=/; Expires=Sun, 05 Mar 2023 01:48:28 GMT; Secure; SameSite=None
638d327e0009039c_c=1; Path=/; Expires=Sun, 05 Mar 2023 01:48:28 GMT; Secure; SameSite=None
ref_token=31972_15596_120749_152840; Path=/; Expires=Wed, 04 Jan 2023 01:48:28 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Mon, 05 Dec 2022 01:48:28 GMT; Secure; SameSite=None
638d327e0009039c_sl=[277386]; Path=/; Expires=Mon, 19 Dec 2022 01:48:28 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/277386/1669909407/images/logo-white.png

184.31.15.67

200 OK

9.5 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277386/1669909407/images/logo-white.png
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 300 x 124, 8-bit colormap, non-interlaced\012- data
Size
9.5 kB (9461 bytes)
Hash
27a8fdccc08741c52422bd4852f87c3a
b103730d95829f64c0746b97a85e0ada4f6c18a2
7afbc6f7cb728a9b4dfd7791a8207c60bdd255ea2f00ba12880bee15f7fbdff0

HTTP Headers

GET /landings/277386/1669909407/images/logo-white.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: BnsplbGRW1/qzeoF71kLeDneSJBb3A0O1GYVLjrYQAQyg7FQMmBzLsyN4LcdX8gVKzeedUZNFQ8=
x-amz-request-id: Z3MX1KWBATV0106S
Last-Modified: Thu, 01 Dec 2022 15:43:30 GMT
ETag: "27a8fdccc08741c52422bd4852f87c3a"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 9461
Date: Mon, 05 Dec 2022 01:48:28 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277386/1669909407/images/110010_2.jpg

184.31.15.67

200 OK

29 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277386/1669909407/images/110010_2.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 682x388, components 3\012- data
Size
29 kB (29319 bytes)
Hash
2b8ac4e50a5bbbe4e6ea964bec7f3086
5486267315a7cd9eca01fa2fc6007060189c8b4f
8f700ae9dd68bd1130d528b77e1de92b4945e036060fdb01a02ccc148ab24ab3

HTTP Headers

GET /landings/277386/1669909407/images/110010_2.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: IiJlOEMlIsKyvOXRwhETIa0vutBBN0eJvSrTVUEf8O2tf+Al6cLgxP7yRSo3O7jSlmrydM1urSw=
x-amz-request-id: GHSNB1881NDXZ8EE
Last-Modified: Thu, 01 Dec 2022 15:43:30 GMT
ETag: "2b8ac4e50a5bbbe4e6ea964bec7f3086"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 29319
Date: Mon, 05 Dec 2022 01:48:28 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277386/1669909407/images/logo.png

184.31.15.67

200 OK

41 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277386/1669909407/images/logo.png
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 1024 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
41 kB (40774 bytes)
Hash
c0647e470e90e4e76c886ef3f4c651ac
fe1dd72ac0432bd8f261672c7c336cf902503d3c
1d4ad487984a8f689c904f3c2532f034b03d361c081dae581752cdc20d983037

HTTP Headers

GET /landings/277386/1669909407/images/logo.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: zito+cpOKZmEIDdNpPnAMbhWZWKQYYGbLpPqlYwYejGKqnXREH7KOiwdy2bmUtWm0eE6ji6l6lY=
x-amz-request-id: GHSXH2ZT2S55GG4Y
Last-Modified: Thu, 01 Dec 2022 15:43:29 GMT
ETag: "c0647e470e90e4e76c886ef3f4c651ac"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 40774
Date: Mon, 05 Dec 2022 01:48:28 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277386/1669909407/images/1.jpg

184.31.15.67

200 OK

62 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277386/1669909407/images/1.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 900x1280, components 3\012- data
Size
62 kB (62164 bytes)
Hash
765620bf3d6dcdb5495b70409b6b4ba8
f4a00a38ca93130e5e0398deea0ba2f928e2172b
e0d65a21b743f7fe6de2f4bd57316546e7f30c7810740d68322a44dfe3004373

HTTP Headers

GET /landings/277386/1669909407/images/1.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: aKGcKVTj6dqH45TCFjj9CNuB791KgI8xkjVNPBEKPylPN3BkKq5fkYpcm/cl50b1beWWNPZMlxY=
x-amz-request-id: Z3MKPB22KPKCQB5K
Last-Modified: Thu, 01 Dec 2022 15:43:30 GMT
ETag: "765620bf3d6dcdb5495b70409b6b4ba8"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 62164
Date: Mon, 05 Dec 2022 01:48:28 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:48:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap

142.250.74.106

200 OK

1.0 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.0 kB (1013 bytes)
Hash
dfe8ea3dfcea2189fd56e15eefc1c475
78bbf9a956960fc0b65526523533afb348424ae9
3e77e2488062743aa6ccfa98757bbee8a21997ae7eb51b6312e5f29a85ea1c4f

HTTP Headers

GET /css2?family=Ubuntu:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 01:48:29 GMT
date: Mon, 05 Dec 2022 01:48:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lavavq.amazlngdate.com/ortb

52.19.101.114

200 OK

13 B

URL HTTP/2
lavavq.amazlngdate.com/ortb
IP
52.19.101.114:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
13 B (13 bytes)
Hash
1031bf08481e45e42ceb3fd978c3d379
3d6d43df4c45f09f5d68593646fd83352323a5ea
c99e0e70ba976626855bf7f83fc0e333b57833bcaf3dcfba16215a6e4fa3e208

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /ortb HTTP/1.1
Host: lavavq.amazlngdate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 295
Origin: https://lavavq.amazlngdate.com
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&s5=backuser&click_id=9a147a18616fafbc3a5209726e5cdb89&iexpp=1&j1=1
Cookie: unique_id=638c5ec2000cc264; unique_id2=638d327e0009039c; 638d327e0009039c_c=1; ref_token=31972_15596_120749_152840; 638d327e0009039c_sl=[277386]; impression=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 01:48:29 GMT
content-type: text/plain; charset=utf-8
content-length: 13
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:48:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lavavq.amazlngdate.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 368054
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lavavq.amazlngdate.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 368075
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:48:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn-dimi.akamaized.net/landings/277386/1669909407/images/favicon.png?t=20221205014828

184.31.15.67

200 OK

4.1 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277386/1669909407/images/favicon.png?t=20221205014828
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4093 bytes)
Hash
40a54c3ecf143b64096b063ff793fdbb
017eafffc5e55226a2aec0dd3c03f1b6130a6bab
39b439471019cb16f819e05166d23492593310fd55cce8471062d8f2dc5de423

HTTP Headers

GET /landings/277386/1669909407/images/favicon.png?t=20221205014828 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 9qJoSxnY4mHVBvJEl3465iqpzpf+g95tfnryz+3wTlnHRW35ZMWZPIQl1o6cbwDmeyfyBgRCIvU=
x-amz-request-id: 0MWJ6DD7X85D7CFZ
Last-Modified: Thu, 01 Dec 2022 15:43:30 GMT
ETag: "40a54c3ecf143b64096b063ff793fdbb"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4093
Date: Mon, 05 Dec 2022 01:48:29 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js

216.58.211.3

200 OK

10 kB

URL HTTP/2
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (35547)
Size
10 kB (10017 bytes)
Hash
fa9987a23f5a9d865766e952511baa30
f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7

HTTP Headers

GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 10:16:35 GMT
expires: Thu, 30 Nov 2023 10:16:35 GMT
cache-control: public, max-age=31536000
age: 401514
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lavavq.amazlngdate.com/js/pushjs/1.0.0/utils.js

52.19.101.114

200 OK

12 kB

URL HTTP/2
lavavq.amazlngdate.com/js/pushjs/1.0.0/utils.js
IP
52.19.101.114:0
ASN
#16509 AMAZON-02

File type
C source, ASCII text, with very long lines (32159)
Size
12 kB (11991 bytes)
Hash
262c195b66413b88c5fa395ffad05796
d2a9689d861d63c9f6e6857be9f53aa292e43462
33a8085f0dfed0a9f9046173aa24aa4b0c0f25051a0461a2045479904d508815

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: lavavq.amazlngdate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&s5=backuser&click_id=9a147a18616fafbc3a5209726e5cdb89&iexpp=1&j1=1
Cookie: unique_id=638c5ec2000cc264; unique_id2=638d327e0009039c; 638d327e0009039c_c=1; ref_token=31972_15596_120749_152840; 638d327e0009039c_sl=[277386]; impression=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 01:48:29 GMT
content-type: application/javascript
expires: Mon, 12 Dec 2022 01:48:29 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5580
Expires: Mon, 05 Dec 2022 03:21:29 GMT
Date: Mon, 05 Dec 2022 01:48:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5580
Expires: Mon, 05 Dec 2022 03:21:29 GMT
Date: Mon, 05 Dec 2022 01:48:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5580
Expires: Mon, 05 Dec 2022 03:21:29 GMT
Date: Mon, 05 Dec 2022 01:48:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F206a2aa2-193a-45ee-9210-82fa22154882.jpeg

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F206a2aa2-193a-45ee-9210-82fa22154882.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7396 bytes)
Hash
fe33ecc20db57514c51c90694efebb16
e00b8b1bc1f98df439a264d1cd881e1021d7fdd5
9b0e56806a9f4e7458b58c29ec2050faebcded4ff1c4ef430733171ddae68cb7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F206a2aa2-193a-45ee-9210-82fa22154882.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7396
x-amzn-requestid: 9c3c8894-b018-4063-b3c8-abd67db3d94c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKVmHlBIAMFu1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdbd-415092c018c6590d4e133cb0;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fIwvcQ7gRhcPjiPRUMfsVmN1POsSu1vAcYsKLoQvKuZTeEnHz3Jurg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:13:24 GMT
age: 81305
etag: "e00b8b1bc1f98df439a264d1cd881e1021d7fdd5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5276 bytes)
Hash
f0402b0c3474a5bd3b1ba804528b64a8
2d47af0fb664d9fec52549bb3bdba1dfd8911bb2
7f87af77663b8bf22211e135554ada8865cdcf6499e9fcf0f3442b10ca3984e1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5276
x-amzn-requestid: d337310e-59be-4268-bfd0-8cc4f2c91a11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_soE98IAMF0aA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-230591591f8fd0984c222549;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4Id8aWDt9bVlBXcsMK9LEAoqggewzLb9h4eZfuvYMGON2NnwyiP3Pg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "2d47af0fb664d9fec52549bb3bdba1dfd8911bb2"
content-type: image/jpeg
age: 14400
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10031 bytes)
Hash
bb029b41d342a82250aef6d6f713be6e
cd754bb6094d2e456b95dce8daace45a0de8a121
c16e364547c9e7a3c487b614073d59c7c495c5e5387b75136afab0dc68bebca4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10031
x-amzn-requestid: ca6c11c5-8842-4ffb-bb9e-5351c4e60c5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjY0CGUVIAMFxog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ad4e6-4282be9f505aa5764e9b1fa2;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 04:47:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vg9n0d9YqjfrKwJHGGcztV4gsGENhNYUuC1HUmWFsxRlDdMSpV4IQw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 15:58:47 GMT
age: 35382
etag: "cd754bb6094d2e456b95dce8daace45a0de8a121"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6827 bytes)
Hash
1be5ade2f8eb160f9974766374c9dd01
8d3d92355304ccfcd50ae96f55b2754220f05187
5087642c70cd92613c2a490b532fc7651c4b25f8712a59b4f7a178cc44cdf90f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6827
x-amzn-requestid: 68443283-d7bf-4a40-8b2a-32c81e160d35
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUkE6foAMFb3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb6-570021b92c46c99d1ad363bd;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: S96VFv064j3TfGQEG2cAJxe7UdaSey-JJUGERVgpm8mtdTmPk7FE6g==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:21:44 GMT
age: 80805
etag: "8d3d92355304ccfcd50ae96f55b2754220f05187"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.7 kB (3707 bytes)
Hash
d7bde76a4dbab17f37747e7da55ad924
56ee7aa6cf94570b1218ef6e767a7036d0b8900f
bd8320fe10dc06061008034cfd1ca9f17e941b2b859b8dd12f23bcac35746aab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3707
x-amzn-requestid: e9d4dc01-cb68-471b-8da4-c6f170248387
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_xhEm-IAMFRNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d133c-5414a54751e2569f639d0dea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _nGZrHCvmP-EKAQG20l1ayIftZ4spFGPuG--vyTpMhbNa9L3pIWhCA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
age: 14400
etag: "56ee7aa6cf94570b1218ef6e767a7036d0b8900f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8749 bytes)
Hash
dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: joWP2kLWVD0lEy2rMV4Fjm3mJh3mzsPyTWiHDVZZNMy5s_WPViKtCw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
age: 14400
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/277386/1669909407/images/2.jpg

184.31.15.67

200 OK

103 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277386/1669909407/images/2.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 960x1280, components 3\012- data
Size
103 kB (102832 bytes)
Hash
3b8b455b24c71ae1f928266241e9517e
8b98ca60c92b83e039c3b996f090883ed8b7ca75
c8d05f7eda85f68f0a08307eeee4e481282fda95570dd53f300b8aadd4f504f6

HTTP Headers

GET /landings/277386/1669909407/images/2.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 3PKM5WIsPP7AM/CTF8b1t0m1Tl/qkXqH1XuvX8QKpvOjt4WhsfYdVVnRBvywsPOfdObznkReF/k=
x-amz-request-id: GFKZ9N13K3MK3WFS
Last-Modified: Thu, 01 Dec 2022 15:43:30 GMT
ETag: "3b8b455b24c71ae1f928266241e9517e"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 102832
Date: Mon, 05 Dec 2022 01:48:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277386/1669909407/images/3.jpg

184.31.15.67

200 OK

150 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277386/1669909407/images/3.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1108x1280, components 3\012- data
Size
150 kB (149812 bytes)
Hash
8ff03d86c53d978e5527374b5bcd5114
2b63b0853d74e24d74d26dbf9622c407e3c74ea9
10dedae19a11a0cf1cea2db4646bde720e63e35140f38ae3453fa2a4e4649e1c

HTTP Headers

GET /landings/277386/1669909407/images/3.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: vP4bEtiL9GTvUho9lo+AqpLqCW+Lp9LnTsjrvQuOhUwjM3UJFxrymTGyzR7iiZwvvu6l9LVpDcE=
x-amz-request-id: GFKTJQRWZ9JYJXEA
Last-Modified: Thu, 01 Dec 2022 15:43:30 GMT
ETag: "8ff03d86c53d978e5527374b5bcd5114"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 149812
Date: Mon, 05 Dec 2022 01:48:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277386/1669909407/images/1.mp4

184.31.15.67

206 Partial Content

1.6 MB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277386/1669909407/images/1.mp4
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
1.6 MB (1560164 bytes)
Hash
379ddec6d7d6e118bd7565d1c83dbb90
16becb1b44f3f35b0fa239668901338cba6eff06
5635dd2c6c23dfdc3e4eb82afc4231a27e8522ec332b8568a3fc7ae8755fec94

HTTP Headers

GET /landings/277386/1669909407/images/1.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 206 Partial Content
x-amz-id-2: UagF+X3VuxBMVHQaTkUZqoyTSt4v32RHNBGzuZHmql1Z5I2PAWZra+0Vd/lx54UtSBiR10vxyng=
x-amz-request-id: JA97MG11GKFFSMHF
Last-Modified: Thu, 01 Dec 2022 15:43:29 GMT
ETag: "379ddec6d7d6e118bd7565d1c83dbb90"
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Mon, 05 Dec 2022 01:48:30 GMT
Content-Range: bytes 0-1560163/1560164
Content-Length: 1560164
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

lavavq.amazlngdate.com/js/pushjs/1.0.0/subscriber.js

52.19.101.114

200 OK

0 B

URL HTTP/2
lavavq.amazlngdate.com/js/pushjs/1.0.0/subscriber.js
IP
52.19.101.114:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: lavavq.amazlngdate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lavavq.amazlngdate.com/c/1e3a4e532f1c7040?s1=152840&s2=1396495&s3=4197&s5=backuser&click_id=9a147a18616fafbc3a5209726e5cdb89&iexpp=1&j1=1
Cookie: unique_id=638c5ec2000cc264; unique_id2=638d327e0009039c; 638d327e0009039c_c=1; ref_token=31972_15596_120749_152840; 638d327e0009039c_sl=[277386]; impression=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 01:48:29 GMT
content-type: application/javascript
expires: Mon, 12 Dec 2022 01:48:29 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

it.gratissesso.me/click?o=262&a=4197

18.195.157.163

302 Found

0 B

URL HTTP/2
it.gratissesso.me/click?o=262&a=4197
IP
18.195.157.163:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /click?o=262&a=4197 HTTP/1.1
Host: it.gratissesso.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Mon, 05 Dec 2022 01:48:27 GMT
content-type: text/html; charset=UTF-8
location: https://ssl.scaletrk.com/click?o=144&a=4197&sub_id1=&sub_id2=&sub_id3=
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
set-cookie: U-36660e59856b4de58a219bcf4e27eba3=unique; expires=Wed, 04-Jan-2023 01:48:27 GMT; Max-Age=2592000; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Roboto:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 01:48:29 GMT
date: Mon, 05 Dec 2022 01:48:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lavavq.amazlngdate.com/js/service-worker.js

52.19.101.114

200 OK

0 B

URL HTTP/2
lavavq.amazlngdate.com/js/service-worker.js
IP
52.19.101.114:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/service-worker.js HTTP/1.1
Host: lavavq.amazlngdate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: unique_id=638c5ec2000cc264; unique_id2=638d327e0009039c; 638d327e0009039c_c=1; ref_token=31972_15596_120749_152840; 638d327e0009039c_sl=[277386]; impression=
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 01:48:29 GMT
content-type: application/javascript
expires: Mon, 12 Dec 2022 01:48:29 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations