r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4860
Expires: Thu, 10 Nov 2022 05:54:04 GMT
Date: Thu, 10 Nov 2022 04:33:04 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2882
Cache-Control: max-age=110762
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 04:33:04 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 11:19:06 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2882
Cache-Control: max-age=110762
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 04:33:04 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 11:19:06 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3663
Expires: Thu, 10 Nov 2022 05:34:07 GMT
Date: Thu, 10 Nov 2022 04:33:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PoiqNfaZoHZ9XQAmgFQhUsr69qylaVJp3Xlh+5QbH8N1AIuv3pby/n+MatCwPj27xTcX8mYHAyE=
x-amz-request-id: 4C6J6WYJ88BEBBHD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 04:12:00 GMT
age: 1264
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 04:33:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
nlqg.us/
69.65.3.138 200 OK 24 kB IP 69.65.3.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1573), with CRLF, LF line terminators
Hash c564e1caa167953366d464d2ecd542bd
0f0e70a867f893aa87af028af3dea9bbeeea4786
4827719c151eee51eec903cf0f0c0def2290d7cb8612b65b593ef67e118a8723
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:04 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.google.com/recaptcha/api.js
142.250.74.132 200 OK 557 B URL HTTP/1.1 www.google.com/recaptcha/api.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (849), with no line terminators
Hash 46e7462cc5f9d09912e4c01bd075032d
04b3e9d18a00c440a4f15cfafa2808fa7896ab0e
c85484623e970945770e060eda71a4045f6c23c5aef750f6a21d970ff61c7d1d
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Expires: Thu, 10 Nov 2022 04:33:05 GMT
Date: Thu, 10 Nov 2022 04:33:05 GMT
Cache-Control: private, max-age=300
Content-Type: text/javascript; charset=UTF-8
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 557
Server: GSE
nlqg.us/base.css
69.65.3.138 200 OK 6.0 kB IP 69.65.3.138:0
File type Unicode text, UTF-8 text, with very long lines (441), with CRLF line terminators
Hash 0048b7f1313f2f31303d9558430a4c09
60b2e428f72e8e721bd1b7461796f70398590146
ad70a82e38fa6807127264b71b9345b03705d295e5a5c12058722521c034d7ed
GET /base.css HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 00:13:51 GMT
Accept-Ranges: bytes
Content-Length: 6002
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
nlqg.us/skeleton.css
69.65.3.138 200 OK 13 kB IP 69.65.3.138:0
File type ASCII text, with CRLF line terminators
Hash d95f9852e7267caa3a82b14820d0cff0
98b1ac8f3e78facae869691e8c3122b62a494463
5cc7754dda6f1a564fdb5aab5eaa1f010a8c2fa4f9867a0d3da255905d5ee3f8
GET /skeleton.css HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 00:13:51 GMT
Accept-Ranges: bytes
Content-Length: 12954
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
nlqg.us/layout.css
69.65.3.138 200 OK 6.4 kB IP 69.65.3.138:0
Hash 8c13c327275573a20f10b1ce152d1d2d
963658d99e8dfb13b9ea6529beef052656b10001
600d1ee8134215646763d5154521d3cd2b81bc0c57ead1f64b760388796c7dab
GET /layout.css HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 15:31:42 GMT
Accept-Ranges: bytes
Content-Length: 6429
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
nlqg.us/pathway.css
69.65.3.138 200 OK 438 B IP 69.65.3.138:0
Hash 3f7602214e881ed1d11c244b2e2218fa
289df10dd1261baba9115600078f8d9c9e88c97a
65dc0e2f14923d487f9596f42d4751bf47627cec48bce688aae13857701019e5
GET /pathway.css HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Thu, 08 Sep 2022 21:25:19 GMT
Accept-Ranges: bytes
Content-Length: 438
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
nlqg.us/Navigator.css
69.65.3.138 200 OK 3.4 kB IP 69.65.3.138:0
File type ASCII text, with CRLF, LF line terminators
Hash 0932d0921d405e62f3985f3745334745
22df11acec82c810e9d87a8dded7b2cb573ac2f8
ca299268babd937fb441331c83aeed4583b5d5ecaccee14845e597ce8123099e
GET /Navigator.css HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Thu, 08 Sep 2022 21:25:24 GMT
Accept-Ranges: bytes
Content-Length: 3361
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
nlqg.us/js/jquery-ui/themes/base/ui.all.css
69.65.3.138 404 Not Found 315 B URL HTTP/1.1 nlqg.us/js/jquery-ui/themes/base/ui.all.css
IP 69.65.3.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /js/jquery-ui/themes/base/ui.all.css HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 404 Not Found
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nlqg.us/js/jquery-ui/jquery.min.js
69.65.3.138 404 Not Found 315 B URL HTTP/1.1 nlqg.us/js/jquery-ui/jquery.min.js
IP 69.65.3.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-ui/jquery.min.js HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 404 Not Found
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nlqg.us/js/jquery-ui/ui/minified/jquery-ui.min.js
69.65.3.138 404 Not Found 315 B URL HTTP/1.1 nlqg.us/js/jquery-ui/ui/minified/jquery-ui.min.js
IP 69.65.3.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-ui/ui/minified/jquery-ui.min.js HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 404 Not Found
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nlqg.us/rvsincludefile/rvsheadpage.js
69.65.3.138 200 OK 1 B URL HTTP/1.1 nlqg.us/rvsincludefile/rvsheadpage.js
IP 69.65.3.138:0
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Analyzer Verdict Alert fortinet Phishing
GET /rvsincludefile/rvsheadpage.js HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Thu, 08 Sep 2022 21:25:20 GMT
Accept-Ranges: bytes
Content-Length: 1
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
nlqg.us/js/rvwysiwyg-ui.js
69.65.3.138 200 OK 438 B URL HTTP/1.1 nlqg.us/js/rvwysiwyg-ui.js
IP 69.65.3.138:0
Hash 5b44d093e1a4976acc9a401e8781f477
51149db7b801bc0186952c663e351ea63fab3207
f5877695337c8aa2f84ce9d322408e8408ed7f60fa7f917bdc1ab04269a76c6f
Analyzer Verdict Alert fortinet Phishing
GET /js/rvwysiwyg-ui.js HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 00:13:51 GMT
Accept-Ranges: bytes
Content-Length: 438
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
nlqg.us/js/jquery.url.js
69.65.3.138 200 OK 2.0 kB IP 69.65.3.138:0
File type ASCII text, with very long lines (642)
Hash bcc8187e54303b5dd865775bebf40c09
c751e1bc7e0d74fc6fe69d28750332c94f2f0569
cd9825fd901243d43b9212d613e11f40b422d8ca7544d4dc7d9e76f51391f8dc
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.url.js HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 00:13:51 GMT
Accept-Ranges: bytes
Content-Length: 1978
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
nlqg.us/js/publishNavigator/ddsmoothmenu.css
69.65.3.138 200 OK 2.3 kB URL HTTP/1.1 nlqg.us/js/publishNavigator/ddsmoothmenu.css
IP 69.65.3.138:0
File type ASCII text, with CRLF line terminators
Hash 0b8af16cc16bba09f58846b610410326
28b9b5fa2fed9d0c85e59bfca6296322beb7800a
2944a60223dd1995ebfddf5283c0d51465509554318880d6b6ba0417c4a77501
GET /js/publishNavigator/ddsmoothmenu.css HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 00:13:51 GMT
Accept-Ranges: bytes
Content-Length: 2336
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
nlqg.us/js/publishNavigator/ddsmoothmenu-v.css
69.65.3.138 200 OK 1.2 kB URL HTTP/1.1 nlqg.us/js/publishNavigator/ddsmoothmenu-v.css
IP 69.65.3.138:0
File type ASCII text, with CRLF line terminators
Hash 8c6465008ed257f809008f7927434400
241a9e51b3f295fba8cf123c5b3ab9f4739d64a2
fe64ae26f74bd7bc063937b7e707319ab7bf3df529add5e1d5c5f2b91e3a4b48
GET /js/publishNavigator/ddsmoothmenu-v.css HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 00:13:51 GMT
Accept-Ranges: bytes
Content-Length: 1240
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
nlqg.us/rvsincludefile/rvscustomopenwindow.js
69.65.3.138 200 OK 3.9 kB URL HTTP/1.1 nlqg.us/rvsincludefile/rvscustomopenwindow.js
IP 69.65.3.138:0
Hash 5f92c69eb58ff6a5efd139e67b2aa737
e694cdd83e2964f3bdf94f86fba1d0a3336fd40c
f568b2eb64a20c06650b62cf25eee9c623a6caf34a43b6c5d23c5d07cdc2320f
Analyzer Verdict Alert fortinet Phishing
GET /rvsincludefile/rvscustomopenwindow.js HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Thu, 08 Sep 2022 21:25:19 GMT
Accept-Ranges: bytes
Content-Length: 3946
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
nlqg.us/js/jquery-ui/external/responsivecarousel/responsiveslides.css
69.65.3.138 200 OK 517 B URL HTTP/1.1 nlqg.us/js/jquery-ui/external/responsivecarousel/responsiveslides.css
IP 69.65.3.138:0
Hash 4706229b900c9038719a5592af94ea7e
dc45b567c860d7f3125b7fe448379609f61ac7cd
7d446f3517746538a7752354aefea6674480209eb1b943f48ec9c5e67854ce54
GET /js/jquery-ui/external/responsivecarousel/responsiveslides.css HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 00:13:51 GMT
Accept-Ranges: bytes
Content-Length: 517
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
nlqg.us/js/jquery-ui/external/responsivecarousel/themes/themes.css
69.65.3.138 200 OK 2.4 kB URL HTTP/1.1 nlqg.us/js/jquery-ui/external/responsivecarousel/themes/themes.css
IP 69.65.3.138:0
Hash e505b6cde7c513e33e9e153448a8f807
f787a35a3df87c2ffe60eb99726963d341639a3e
0a1d237d48a5759d7d442ce8b0acdc1fe05203580500fb75d09a0e5f9887fba8
GET /js/jquery-ui/external/responsivecarousel/themes/themes.css HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 00:13:51 GMT
Accept-Ranges: bytes
Content-Length: 2378
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
nlqg.us/js/jquery-ui/external/responsivecarousel/responsiveslides.min.js
69.65.3.138 200 OK 3.4 kB URL HTTP/1.1 nlqg.us/js/jquery-ui/external/responsivecarousel/responsiveslides.min.js
IP 69.65.3.138:0
File type HTML document, ASCII text, with very long lines (521)
Hash 04f1b2ac39e762cd516cb359755c8cc6
d649fbd823db40eb881b9810310698caced0ea58
1f306db5a9c29477acdd6b78d57734f0aa7936a1fa9b9ba8bd36204ba12aaf40
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-ui/external/responsivecarousel/responsiveslides.min.js HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 00:13:51 GMT
Accept-Ranges: bytes
Content-Length: 3397
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
nlqg.us/js/jquery-ui/external/responsivecarousel/autoinit.js
69.65.3.138 200 OK 1.7 kB URL HTTP/1.1 nlqg.us/js/jquery-ui/external/responsivecarousel/autoinit.js
IP 69.65.3.138:0
Hash 94f6c26d0cb40d7c1c70900f66e0ea27
1697cdd9dc88db20b7f26d5e150c568f87e045f4
5b8f910990781754f85f0e85b647ee98262adb53cdec55aa008bdbe5253724a3
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-ui/external/responsivecarousel/autoinit.js HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 00:13:51 GMT
Accept-Ranges: bytes
Content-Length: 1701
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4802
Cache-Control: max-age=107626
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 04:33:05 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 10:26:51 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
nlqg.us/css/rvwysiwyg-ui.css
69.65.3.138 200 OK 89 kB URL HTTP/1.1 nlqg.us/css/rvwysiwyg-ui.css
IP 69.65.3.138:0
Hash 220a5d55442434c2d5193a40a4d5d724
b62029dbc67405d1d7db970653347a9f712f6ce2
952e041e2d3689fd6a65d84f570085f36271e73cb5af0e061918c2a92b4db95f
GET /css/rvwysiwyg-ui.css HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 00:13:51 GMT
Accept-Ranges: bytes
Content-Length: 88966
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
nlqg.us/images/bullet.jpg
69.65.3.138 404 Not Found 315 B URL HTTP/1.1 nlqg.us/images/bullet.jpg
IP 69.65.3.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /images/bullet.jpg HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 404 Not Found
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
nlqg.us/images/greentree.png
69.65.3.138 200 OK 4.9 kB URL HTTP/1.1 nlqg.us/images/greentree.png
IP 69.65.3.138:0
File type PNG image data, 124 x 117, 8-bit/color RGB, non-interlaced\012- data
Hash 857a3bce595d60e4e384ab67468a9768
b7503fe621c8637e9bbd3bb9981b5ecfbf488714
8955469bf9b8e39e348c44f473a1f080d99f0329a54ff08a99cb2ae34af6c164
GET /images/greentree.png HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Mon, 01 Oct 2012 00:14:05 GMT
Accept-Ranges: bytes
Content-Length: 4855
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
push.services.mozilla.com/
35.163.147.190 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.147.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ebE5W4fstAEC2OQRWRV1XA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EzNp3IFYNaPaUylVNRuoR/z1V1o=
connect.facebook.net/en_US/sdk.js
31.13.72.12 200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash e0fa47d0633cf5944ef7f8a280ec9057
a5ed6cac282b6c532683d5f3f232b9d76f916cff
eb661df250e84b2eecaaaeb93bd810eb76848407dc8a8f3a7f225e24ccf281ad
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: e48d880bbf6d3dc265a3e06a496fee46
ETag: "e6e56a394e215f19b86b5d1345905ac8"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Thu, 10 Nov 2022 04:52:27 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: 4PpH0GM89ZRO9/iigOyQVw==
X-FB-Debug: Nn7FW1V1oI6aTd3Yn3B1aPZSO52hP3e+lWOUBFamWzqpySv0N8X/+xEcB26EEFO7hUcRu7FBSYM/cZLBRkGCWA==
X-FB-TRIP-ID: 1904183273
Date: Thu, 10 Nov 2022 04:33:06 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1687
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 61a9432317cba5908c0a73266e8b8a62
c8bc872f016956cbb5569d7727bdfd46d64146c6
fafa5e76a4ed086616cce2f8e5af613630b11221ec9001d30cac72f6c1f350de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 04:33:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js
142.250.74.163 200 OK 162 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (590)
Size 162 kB (162282 bytes)
Hash 05e06c50dab6f3d7f8bfde22301888db
64b3c20c788d298a672fabf9627eac914d95ed08
95176711feca1110e764a31e36764d5b331b033ed56fb372b42250329b33e1d6
GET /recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nlqg.us
Connection: keep-alive
Referer: http://nlqg.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162282
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 15:58:35 GMT
expires: Tue, 07 Nov 2023 15:58:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 04:02:45 GMT
content-type: text/javascript
age: 218071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 61a9432317cba5908c0a73266e8b8a62
c8bc872f016956cbb5569d7727bdfd46d64146c6
fafa5e76a4ed086616cce2f8e5af613630b11221ec9001d30cac72f6c1f350de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 04:33:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nlqg.us/favicon.ico
69.65.3.138 404 Not Found 315 B IP 69.65.3.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /favicon.ico HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 404 Not Found
Date: Thu, 10 Nov 2022 04:33:06 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c282fb89bdded9707f257751f23fc185
bfe872622a162e0afa35c9cd45742fba2fb15b13
3e66dbf4d736534ca78c1e386311a188e985a015e284a5659213b3b528e7cbc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3774
Cache-Control: max-age=128184
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 04:33:06 GMT
Etag: "636bc1fc-1d7"
Expires: Fri, 11 Nov 2022 16:09:30 GMT
Last-Modified: Wed, 09 Nov 2022 15:06:36 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
nlqg.us/images/headerbanner/header_banner.jpg?1662672314631a5dba9f828
69.65.3.138 200 OK 66 kB URL HTTP/1.1 nlqg.us/images/headerbanner/header_banner.jpg?1662672314631a5dba9f828
IP 69.65.3.138:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 940x160, components 3\012- data
Hash 9687af21869a077cf2adf1cc11419f9f
a79c1c516552ae09c82d424b0477b448208deab2
37513e9610066f63824cda6f7c018f32e203015f2e8e814045ae256fe88f27f0
Analyzer Verdict Alert fortinet Phishing
GET /images/headerbanner/header_banner.jpg?1662672314631a5dba9f828 HTTP/1.1
Host: nlqg.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nlqg.us/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 04:33:05 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 15:34:04 GMT
Accept-Ranges: bytes
Content-Length: 65766
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
connect.facebook.net/en_US/sdk.js?hash=55c76197cc53afcf5c46345c25567d4d
31.13.72.12 200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=55c76197cc53afcf5c46345c25567d4d
IP 31.13.72.12:0
File type ASCII text, with very long lines (18530)
Hash 5f856846f3a02950537f15d8c8e9fcd8
733cf3ff4bd0bf2b191a02d3b4778d360ddc069c
edceaaf71227601276d170d2026545ff1d7e5aefa91decf016295e6840aea04f
GET /en_US/sdk.js?hash=55c76197cc53afcf5c46345c25567d4d HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nlqg.us
Connection: keep-alive
Referer: http://nlqg.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: b09cbaa0c0833883edab1ef0f84f9e3f
etag: "bf9d2ef52a79fd5b8d596b3f0397a3f0"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 10 Nov 2023 03:32:12 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: X4VoRvOgKVBTfxXYyOn82A==
x-fb-debug: vCmA8dpfh3A987OwXMBoKE/0k7TqT053xzwChzOTh8NnFUVj9EbU1UfunCfh8RCxpABMjvSuMPKT/hdOP6svsQ==
content-length: 88353
x-fb-trip-id: 1904183273
date: Thu, 10 Nov 2022 04:33:06 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9871
Expires: Thu, 10 Nov 2022 07:17:38 GMT
Date: Thu, 10 Nov 2022 04:33:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9871
Expires: Thu, 10 Nov 2022 07:17:38 GMT
Date: Thu, 10 Nov 2022 04:33:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9871
Expires: Thu, 10 Nov 2022 07:17:38 GMT
Date: Thu, 10 Nov 2022 04:33:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5fc04eddc597d6b10db5d59c53f20aec
dddc0da13526d24aaea990cc1d68d9212612da43
a7e2d1fd141c4383de3411be95b8875c9d969d5f001020793a2b4d939aaa780b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12268
x-amzn-requestid: cd9ea4f7-9a75-47b4-a0ad-817c821a592e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpZHbBIAMFfUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca2-69a98f453929cc817bead2c7;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Xq1vIovXXR0pPaaHjKWeLcZszoEkISrYvqKvshtQ9dFTf6CUwxmIWA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:16:00 GMT
etag: "dddc0da13526d24aaea990cc1d68d9212612da43"
content-type: image/jpeg
age: 22627
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb019e92-4345-4986-9822-55d2be3619e1.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb019e92-4345-4986-9822-55d2be3619e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7af9a4c649c9ff2f48006dffde7fe73
a19bc4b970a451dc7fe45dd7e72a5640ee6c4cae
1ccf9503c2ecaeb6f64a8e4194575908ca8746c69bf2b6fb1a6a59cf2408dc2d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb019e92-4345-4986-9822-55d2be3619e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11722
x-amzn-requestid: bdba30aa-7c54-4163-8c09-e2c8948bba5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlomHKfoAMF30A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9d-0497f5bc1d5c2fab268fb451;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QNvJiTrfKbAKIlX-fkY8wDsVF4zwc3T0ceo_c4-gtWAcrCe7sSlzlA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:45:00 GMT
age: 24487
etag: "a19bc4b970a451dc7fe45dd7e72a5640ee6c4cae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff77ae1-0bc8-4557-a572-f76f4061cd8a.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff77ae1-0bc8-4557-a572-f76f4061cd8a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7fa2648bda72248fd56cf98d3b2210b7
d10647bb2b9705edbbb21ddd7092404fff8b1491
a89679ead6f90b21f7d020911ca809686ea17d8c15e62e645462a5ee675a5c2b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff77ae1-0bc8-4557-a572-f76f4061cd8a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9082
x-amzn-requestid: f5e67e88-d5ef-4f68-86f9-f59f85eeb751
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bOAwmFdrIAMFuRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6368ae6a-38bc67d714f60c1f5e0f007c;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 07:06:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hLaLpJKOvpvEw974yp7tKSP6ynnzRbAIP0hyH03CJTHT4MikDu9QRg==
via: 1.1 f4ae8c7714a9bd89828bad25fc96be24.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 09:32:50 GMT
age: 68417
etag: "d10647bb2b9705edbbb21ddd7092404fff8b1491"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1631e1f0-6fa1-464b-a40b-00a9866b7b25.webp
34.120.237.76 200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1631e1f0-6fa1-464b-a40b-00a9866b7b25.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7edb51fa0fbe8bf317da2d9091b9e21b
02a9b9bec9d4392bbbabb6cabb129c1fb12d01f6
80c9dd829626ec07aa750aa3154eaf27ef79de25d3181e020a13bc9f8e9d8676
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1631e1f0-6fa1-464b-a40b-00a9866b7b25.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5314
x-amzn-requestid: ad6e7919-c033-4361-8e3d-0badbb9f6fc7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWnb0GTrIAMF4xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1f7e-0524b86652bbacde023deb2a;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bau3xXgpMJavWBFqC_X7hBaA4UZHRKrwlFW_uyimScF0nqfzFRc-gg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:56:35 GMT
age: 23792
etag: "02a9b9bec9d4392bbbabb6cabb129c1fb12d01f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca824564-f412-4dc2-b493-0624bc480eed.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca824564-f412-4dc2-b493-0624bc480eed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c390c15d10148f43af21450af434cc7
ef3011cd851559ba8ee39b4bd0dc0af7a25bc651
d76ceb9b671f98d0bbaa47544883108274d4a26c11840f628e7466b23ca541c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca824564-f412-4dc2-b493-0624bc480eed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7696
x-amzn-requestid: e0cf148f-08b1-4399-b07c-5519d852c486
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWmHfFepIAMFebw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1d62-57d6f0964bceb9711a56cfb7;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:36:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Q332Vdi1jyNfDnwszgERBrjmfPxvvz-EnsLImaK_W7-FdZUlbZw0nA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:55:41 GMT
age: 23846
etag: "ef3011cd851559ba8ee39b4bd0dc0af7a25bc651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: paNICiysr9pIOxtqOqjnIOValYbM8InQZ9SmEOUIJirFQd03IN6eRw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 24597
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2