Overview

URL account-barclays.co/
IP 209.141.38.71
ASN PONYNET
Location United States
Report completed 2022-09-26 17:23:23 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-26 2 account-barclays.co/ Phishing
2022-09-26 2 www.account-barclays.co/ Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-26 2 account-barclays.co Sinkholed
2022-09-26 2 account-barclays.co Sinkholed
2022-09-26 2 account-barclays.co Sinkholed


Files

No files detected



Passive DNS (15)

Passive DNS Source Fully Qualified Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-26 12:15:18 UTC 34.120.237.76
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-26 10:36:51 UTC 142.250.74.10
mnemonic passive DNS www.account-barclays.co (2) 0 2022-09-23 11:30:51 UTC 2022-09-23 21:47:16 UTC 52.212.138.56 Unknown ranking
mnemonic passive DNS s3-eu-west-1.amazonaws.com (2) 0 No data No data 52.218.91.43 Unknown ranking
mnemonic passive DNS 1e128.net (2) 0 2019-07-03 15:44:39 UTC 2022-09-22 17:08:02 UTC 54.230.111.122 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-26 08:18:12 UTC 143.204.55.36
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-26 04:26:56 UTC 143.204.55.35
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-26 16:08:16 UTC 93.184.220.29
mnemonic passive DNS fonts.gstatic.com (4) 0 2014-08-29 13:43:22 UTC 2022-09-26 04:26:58 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-26 05:45:55 UTC 34.214.17.205
mnemonic passive DNS account-barclays.co (1) 0 2022-09-24 00:55:16 UTC 2022-09-26 17:18:42 UTC 198.251.81.30 Unknown ranking
mnemonic passive DNS cf.appdrag.com (4) 0 2017-05-11 22:23:21 UTC 2022-09-22 17:07:50 UTC 54.230.111.87 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-26 04:35:11 UTC 23.36.76.226
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-26 04:28:07 UTC 34.117.237.239


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 209.141.38.71

Date UQ / IDS / BL URL IP
2022-12-07 15:59:56 +0000 0 - 0 - 3 fsdjifidfijfd.xyz/ 209.141.38.71
2022-12-07 15:28:44 +0000 0 - 0 - 1 z1gp.com/ 209.141.38.71
2022-12-07 13:14:21 +0000 0 - 0 - 1 8f0g.com/ 209.141.38.71
2022-12-07 13:12:05 +0000 0 - 0 - 1 5gdf.com/ 209.141.38.71
2022-12-07 13:12:03 +0000 0 - 0 - 2 1lcw.com/ 209.141.38.71

Last 5 reports on ASN: PONYNET

Date UQ / IDS / BL URL IP
2022-12-08 16:45:51 +0000 0 - 0 - 1 104.244.75.14/13.sh 104.244.75.14
2022-12-08 16:44:59 +0000 0 - 0 - 2 167.88.170.23/502.exe 167.88.170.23
2022-12-08 12:43:53 +0000 0 - 0 - 2 167.88.170.23/obz2.exe 167.88.170.23
2022-12-08 12:43:51 +0000 0 - 0 - 2 167.88.170.23/502.exe 167.88.170.23
2022-12-08 11:32:12 +0000 0 - 0 - 6 fxbooktrading15.org/uo/index.php?QBOT.zip 198.251.81.188

Last 1 reports on domain: account-barclays.co

Date UQ / IDS / BL URL IP
2022-09-26 17:23:23 +0000 0 - 0 - 5 account-barclays.co/ 209.141.38.71

No other reports with similar screenshot



JavaScript

Executed Scripts (1)


Executed Evals (1)

#1 JavaScript::Eval (size: 2574, repeated: 1) - SHA256: 8ce4d27f4153383ab75c6e5e00f91abf36369b28e8aae86d89b42f8477273e63

var shopSearchBarTemplateFn = function(product) {
    if (product.disabled || product.loading) {
        return product;
    }
    var item = $("<div class='appdrag-searchbar-option-image' style='background-image:url(\"" + product.imgUrl + "\");'></div>                    <div class='appdrag-searchbar-option-right'>                    <h4 class='appdrag-searchbar-option-title'></h4>                    <p class='appdrag-searchbar-option-price'></p>                    <p class='appdrag-searchbar-option-desc'></p>                </div>");
    var title = item.find(".appdrag-searchbar-option-title");
    var desc = item.find(".appdrag-searchbar-option-desc");
    var price = item.find(".appdrag-searchbar-option-price");
    title.css("font-weight", getAttrWithDefaultValue(searchbar, "title-fw", ""));
    title.css("font-size", getAttrWithDefaultValue(searchbar, "title-fs", "18") + "px");
    title.css("font-family", "'" + getAttrWithDefaultValue(searchbar, "title-ff", "Roboto") + "'");
    title.css("color", getAttrWithDefaultValue(searchbar, "title-fc", "#000"));
    desc.css("font-weight", getAttrWithDefaultValue(searchbar, "desc-fw", ""));
    desc.css("font-size", getAttrWithDefaultValue(searchbar, "desc-fs", "18") + "px");
    desc.css("font-family", "'" + getAttrWithDefaultValue(searchbar, "desc-ff", "Roboto") + "'");
    desc.css("color", getAttrWithDefaultValue(searchbar, "desc-fc", "#000"));
    price.css("font-weight", getAttrWithDefaultValue(searchbar, "price-fw", ""));
    price.css("font-size", getAttrWithDefaultValue(searchbar, "price-fs", "18") + "px");
    price.css("font-family", "'" + getAttrWithDefaultValue(searchbar, "price-ff", "Roboto") + "'");
    price.css("color", getAttrWithDefaultValue(searchbar, "price-fc", "#000"));
    var titleStr = product.title;
    if (product.translatedTitle && product.translatedTitle != "") {
        titleStr = product.translatedTitle;
    }
    title.text(titleStr);
    price.html(product.priceStr);
    if (parseFloat(product.price) < parseFloat(product.previousPrice)) {
        var previousPrice = $('<span class="price-container-previous">' + product.previousPriceStr + '</span>');
        price.append(previousPrice);
    }
    var descStr = product.descriptionHTML;
    if (product.translatedDescriptionHTML && product.translatedDescriptionHTML != "") {
        descStr = product.translatedDescriptionHTML;
    }
    var textDesc = $("<div>" + decodeComponent(descStr) + "</div>").text();
    if (textDesc.length > 200) {
        textDesc = textDesc.substring(0, 199) + "...";
    }
    desc.text(textDesc);
    return item;
}
                                    

Executed Writes (0)



HTTP Transactions (36)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10430
Expires: Mon, 26 Sep 2022 20:17:02 GMT
Date: Mon, 26 Sep 2022 17:23:12 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 17:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Tv6Xek-w1_uQ32CwUBfoYefCQx0Ti4-0LImc7GS-JRXg8EbTLoS-SA==
Age: 474


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5jNmwwKEC3bJOoWr3XAAQswwd1RBRwyIKUgB8ErIAEzhIyBl_lZXDQ==
age: 46077
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET / HTTP/1.1 
Host: account-barclays.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         198.251.81.30
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 26 Sep 2022 17:23:12 GMT
Content-Length: 178
Connection: keep-alive
Location: http://www.account-barclays.co/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 26 Sep 2022 17:23:12 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: www.account-barclays.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         52.212.138.56
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Date: Mon, 26 Sep 2022 17:23:13 GMT
Content-Length: 1588
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server: AppDrag WebFront
Access-Control-Allow-Origin: *
Set-Cookie: lng=en; path=/; Expires=Wed, 26 Oct 2022 17:23:13 GMT;SameSite=Lax;
X-Cloud-Cache: 0
X-Cloud-Storage-Cache: 0
Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With, Cache-Control, Accept, Origin, X-Session-ID
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, OPTIONS


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (384), with CRLF line terminators
Size:   1588
Md5:    1153693a01f0137e569b52dd90efc64a
Sha1:   cb0ea54e8bddb3dd66a28c796c539f8b387abbe8
Sha256: 5b63c0a0de5bc5224066805e04ac3ab3114a31fec1973535eb3cb95f2bb500aa

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 17:10:46 GMT
Expires: Mon, 26 Sep 2022 17:33:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -KOUG6UhiyYM04uksJcLviLQ8atHnCic2ITYnDIXxvq9yY31nCVYgQ==
Age: 747


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /resources/appallin-universal-theme.css HTTP/1.1 
Host: cf.appdrag.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.account-barclays.co/

                                         
                                         54.230.111.87
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Content-Length: 0
Connection: keep-alive
Date: Mon, 26 Sep 2022 17:23:14 GMT
Last-Modified: Wed, 25 Jan 2017 09:16:53 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Cache-Control: max-age=0
Content-Encoding: gzip
x-amz-version-id: PPkxCtT08OA.dfqr_ZUOywQLgu5b_015
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qmCh6U3UXdeuDolQChHOU7rg2GzpMOsXp5aYi__31tMEuzLUWXoz4w==

                                        
                                            GET /dev.appdrag.com/template-preview/fonts/fonts.css HTTP/1.1 
Host: s3-eu-west-1.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.account-barclays.co/

                                         
                                         52.218.91.43
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
x-amz-id-2: 2Ppp2XFFIT5QzYzG5V5H4oO5gMyvZqo7fgmqCfvtoRnFz6xSpipBHMnHdT/wb5b1ihwhkQdk8ec=
x-amz-request-id: SXJ3SSCCJ3QKNFEH
Date: Mon, 26 Sep 2022 17:23:14 GMT
Last-Modified: Fri, 02 Dec 2016 09:53:10 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Cache-Control: max-age=0
Content-Encoding: gzip
x-amz-version-id: qfjw2l6gyyo.UVW_SFFwYuNdKrGV4xnv
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 0

                                        
                                            GET /resources/js/appdrag.js HTTP/1.1 
Host: cf.appdrag.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.account-barclays.co/

                                         
                                         54.230.111.87
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Content-Length: 125197
Connection: keep-alive
Date: Mon, 26 Sep 2022 17:23:14 GMT
Last-Modified: Tue, 20 Sep 2022 19:15:33 GMT
ETag: "b49c69079b588962c96523c15f4a8e61"
Cache-Control: max-age=604800
Content-Encoding: gzip
x-amz-version-id: Npc0aSBwkQ29fVkNqxlIgH5qBAyRAm2M
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5fY05mTz-iUYU9i_Iyj-MTfxqLGrSFA0VOtx6xPwC4CcRdWKdUi5dA==


--- Additional Info ---
Magic:  ASCII text, with very long lines (23945)
Size:   125197
Md5:    b49c69079b588962c96523c15f4a8e61
Sha1:   0be08c0f1e02a37e8ef9700c55843845e8ba143a
Sha256: 5ad705ef69a7c75dd4aedcde700a24e6b35192cbc5a7b2aa320e634788ba555e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 17:23:13 GMT
Last-Modified: Mon, 26 Sep 2022 15:42:53 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ACzT8ohUKhLDt-1Mat8XAvp6oqSw9jK8cNH0ltZKseFeS7hlt2TIbg==
Age: 6020

                                        
                                            GET /dev.appdrag.com/resources/css/appdrag.css HTTP/1.1 
Host: s3-eu-west-1.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.account-barclays.co/

                                         
                                         52.218.91.43
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
x-amz-id-2: 1fNZeVCXnuQgODU8hkdhe80p6AEzYqLO+rQ9oc5ftzA4/3pQMi2twZhPxOx98OXywurp/wxORic=
x-amz-request-id: SXJC6SX4BN3NTN0E
Date: Mon, 26 Sep 2022 17:23:14 GMT
Last-Modified: Tue, 20 Sep 2022 19:15:32 GMT
ETag: "92e344af624a1dfbf0abc5e8b5a32da9"
Cache-Control: max-age=604800
Content-Encoding: gzip
x-amz-version-id: hIKmMFBGHCV_mny7nd.a24c5sKTyauMY
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 26353


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size:   26353
Md5:    92e344af624a1dfbf0abc5e8b5a32da9
Sha1:   876b4b0b32c7075486102a9217377d476beceb55
Sha256: 86b7e6a105c1357da49c0edb21c9c42681d220a04119179d555897adee34893f
                                        
                                            GET /css?family=Raleway:300,300italic,400,400italic,700,700italic%7CRoboto:300,300italic,400,400italic,700,700italic%7COpen+Sans:300,300italic,400,400italic,700,700italic%7CLato:300,300italic,400,400italic,700,700italic%7COswald:300,300italic,400,400italic,700,700italic%7CMontserrat:300,300italic,400,400italic,700,700italic&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s3-eu-west-1.amazonaws.com/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 26 Sep 2022 17:23:13 GMT
Date: Mon, 26 Sep 2022 17:23:13 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   2139
Md5:    ec855d7d8f924bd101a66ee3c6ab07e8
Sha1:   c83faef3ad3691d9447b38bd4f755dc912c60822
Sha256: c68dcea2b529e0040c44bb3eb6547de529dde25d80aa9e08476e6aad1a5d4c4c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4524
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 17:23:13 GMT
Last-Modified: Mon, 26 Sep 2022 16:07:49 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /resources/img/AppDrag-350-black.png HTTP/1.1 
Host: cf.appdrag.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.account-barclays.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.87
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 7844
date: Mon, 26 Sep 2022 17:23:14 GMT
last-modified: Tue, 16 Feb 2021 09:48:11 GMT
etag: "4fe874011f58543aa8d67f250903960d"
cache-control: max-age=604800
x-amz-meta-qqfilename: AppDrag-350-black.png
x-amz-version-id: fZ3nLaCbG5TnUxwO9yN2b4OHxxPNsi.6
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CV5FwUrAhsE01w05BlBTN_nA2Bfd0gd7lD-iLFs4YY9ZremKSLV6jw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 350 x 81, 8-bit/color RGBA, non-interlaced\012- data
Size:   7844
Md5:    4fe874011f58543aa8d67f250903960d
Sha1:   e7ed5fe17b35dd83c99ca628c5fa176b04c79b75
Sha256: 8fb93ae6e086eccb4abafdc111c4480249c035e06f2d6cff1bd9ad3f9b581eda
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 17:23:13 GMT
Last-Modified: Mon, 26 Sep 2022 15:34:53 GMT
Server: ECS (dcb/7F5E)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VWXc-hnbY3wDoiEdtZgB5lSJgX2qj3IG9OIdQWucEcr1xtIPibUNMA==
Age: 6500

                                        
                                            GET /assets/fontawesome/css/fa5.css HTTP/1.1 
Host: 1e128.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.account-barclays.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.122
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
content-length: 34259
last-modified: Fri, 16 Oct 2020 14:52:05 GMT
content-encoding: gzip
x-amz-version-id: cXZxRfuBc8_7Y61YWbBicE1I_2VrIZRK
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 18:56:41 GMT
cache-control: max-age=604800
etag: "323fb703071244ffec41192c843888b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: z-XQsFIesOUn_726oj4-Vy0-MhavKBOeFxmKDq8q7yzW6eGPU2-4Kw==
age: 426393
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65343)
Size:   34259
Md5:    323fb703071244ffec41192c843888b0
Sha1:   35f6bf765f70badc89a4d5c48ecfe6685e179f44
Sha256: 09899663e89082a4346c3082e7eef8706a7cba15589a93ec4cfb857e758a4bca
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.account-barclays.co
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 20:15:52 GMT
Expires: Thu, 21 Sep 2023 20:15:52 GMT
Cache-Control: public, max-age=31536000
Age: 421641
Last-Modified: Wed, 11 May 2022 19:24:42 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.account-barclays.co
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 20:15:52 GMT
Expires: Thu, 21 Sep 2023 20:15:52 GMT
Cache-Control: public, max-age=31536000
Age: 421641
Last-Modified: Wed, 11 May 2022 19:24:48 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.account-barclays.co
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17032
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 19 Sep 2022 23:18:23 GMT
Expires: Tue, 19 Sep 2023 23:18:23 GMT
Cache-Control: public, max-age=31536000
Age: 583490
Last-Modified: Wed, 11 May 2022 19:24:52 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17032, version 1.0\012- data
Size:   17032
Md5:    05a47f9e469d408c629f931cd33ff8b2
Sha1:   823f21f7b1d456db889c3afea393f0d2b9581c38
Sha256: 6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
                                        
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.account-barclays.co
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 19 Sep 2022 21:39:32 GMT
Expires: Tue, 19 Sep 2023 21:39:32 GMT
Cache-Control: public, max-age=31536000
Age: 589421
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
GET /resources/builder/transparency-large%20(normal).png HTTP/1.1
Host: cf.appdrag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s3-eu-west-1.amazonaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
54.230.111.87
HTTP/2 200 OK
content-type: image/png
content-length: 5334
date: Mon, 26 Sep 2022 17:23:14 GMT
last-modified: Mon, 21 Nov 2016 09:55:10 GMT
etag: "e9e7b00f1460542af70f553bab5c5779"
cache-control: max-age=604800
x-amz-version-id: 1eyzv_ZcktcXiYCWpXhrpp4H.jTp7__L
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gN-9ZM-DIIj5BG12hBE6QqG3jv96h1VYWFs6sJQRQNPVHFbceF6bRg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 454 x 340, 8-bit/color RGBA, non-interlaced\012- data
Size:   5334
Md5:    e9e7b00f1460542af70f553bab5c5779
Sha1:   76144c2655b1bb20bd7c3071a9a01d43b2795eff
Sha256: d10a2a0ce334ce02d472cd4a0ae87abd1e926fb27b7aeccf190bfa0aa9dcb175
                                        
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: i7SV4fBe423Nq1c4iUkCsg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
34.214.17.205
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qgMPLN96IdvxGKv91W1t5LkDfRY=

                                        
GET /favicon.png HTTP/1.1
Host: www.account-barclays.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.account-barclays.co/
Cookie: lng=en

                                         
52.212.138.56
HTTP/1.1 200 OK
Content-Type: image/png
Date: Mon, 26 Sep 2022 17:23:13 GMT
Content-Length: 3046
Connection: keep-alive
Cache-Control: public, max-age=604800
Content-Encoding: gzip
Expires: Mon, 03 Oct 2022 17:23:13 GMT
Last-Modified: Mon, 26 Sep 2022 17:23:13 GMT
ETag: 314B90CD6B405ABC616052D241A675C0
Vary: Accept-Encoding
Server: AppDrag WebFront
Access-Control-Allow-Origin: *
X-Cloud-Cache: 0
X-Cloud-Storage-Cache: 0
Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With, Cache-Control, Accept, Origin, X-Session-ID
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, OPTIONS


--- Additional Info ---
Magic:  PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size:   3046
Md5:    c0bfb0b5a05c91b7d6c8229d86704fc4
Sha1:   fc906967ae452c65f85eeb972149b709455337cd
Sha256: 739d3323a42c96080fe18135e55bf5783892c1848bfce62c0d65e8ee1928bf18

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /assets/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: 1e128.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.account-barclays.co
Connection: keep-alive
Referer: https://1e128.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
54.230.111.122
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 123132
date: Mon, 26 Sep 2022 17:23:14 GMT
access-control-allow-origin: http://www.account-barclays.co
access-control-allow-methods: PUT, POST, GET, HEAD
access-control-expose-headers: ETag
access-control-max-age: 3000
access-control-allow-credentials: true
last-modified: Thu, 17 Oct 2019 07:45:53 GMT
etag: "ed0564f6ac76fa57df8a5a1f142f4157"
cache-control: max-age=1604800
content-encoding:
x-amz-version-id: eGBbZZkz6gpK8crzwgNOFQO9IL1jA2Ji
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0ieyK8QmBhP7alKLitJ9bDIGbP7GhWxsVinjalAbLBpfpaMDcF4NpA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 123132, version 330.15794\012- data
Size:   123132
Md5:    ed0564f6ac76fa57df8a5a1f142f4157
Sha1:   2b4337d89fff7d9f9c4cc4a92fe9039ad378efe9
Sha256: 550f1ae5d566afed493ab8b5f1dd1b4d5a777ef19d1b3c57bf7b01025fefd38c
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2801
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 17:23:15 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2801
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 17:23:15 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2801
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 17:23:15 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2801
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 17:23:15 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2801
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 17:23:15 GMT
Connection: keep-alive

                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
age: 66799
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11728
Md5:    968b9c138702fb5994d1d9eab1a697fa
Sha1:   9660bb2d38079182efbd11d7a687bfc7f9d30751
Sha256: 5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 68555
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8637
Md5:    d02ede0c964f3346fd53ae2950bf2a62
Sha1:   e49306a3713cb724be024a4ddb5e90645718a718
Sha256: c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qvSIyV7uvUzXFn6Sw3izoZxQoFbmyRzQ9WKl33D7fNTcuV6WXTzD9Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 05:01:28 GMT
age: 44507
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10279
Md5:    8ea5f06ad31f0cedd2cb5c6df82f35f4
Sha1:   60a83a1618ffae06e49ca3002bac1db9980dcfe8
Sha256: 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 13584
x-amzn-requestid: 198bd2b4-d4ae-4f19-a500-463aee52b890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHgFdNoAMFwEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc9-19a1f7d2102820da4b21f18b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yl8BCwdlIePsc4gIX4IYH0L6NHipn_5fBsa9nyYy14w0m49jPUYXBw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:57:51 GMT
age: 69924
etag: "ef9d756cbcda72cf7ef5029b7d384cd1fbaed633"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13584
Md5:    2c11e6fef1be62b971bd9daf378bfc95
Sha1:   ef9d756cbcda72cf7ef5029b7d384cd1fbaed633
Sha256: b8369f83d6dddcd2355b81d8eb200791788165e56881ce21e1a1e9c8bb1bb2ef
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5980
x-amzn-requestid: fbf0c390-da24-49e2-8492-43e29e5d4bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHCGJVoAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc6-1f9b1b7d63467c58702e6d7e;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:38 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Iy0oyFx_T6CEuOQckEzvUQOUo307Jm_OgJzomWlMz9BhgD3eOaysdA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 70463
etag: "12aac1bd22e675f09a220de08b4656e801c2e647"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5980
Md5:    ef17205adb2b478d3bff54b048208d22
Sha1:   12aac1bd22e675f09a220de08b4656e801c2e647
Sha256: 620fe39cf421ed3a21e968570f7e863d69224113be867ec2457ed3850ea113f6
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 69179
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5157
Md5:    2fe8c4f0c70fb6c1f4259eabedc7015e
Sha1:   85e378d0fff856832a8dd01743516b9476fed8c6
Sha256: 508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6