Report - cdn-141.anonfiles.com/ab6co8W0y3/3ae17486-1675619031/OakGrabber-V2.zip

Report Overview

Submitted URL
cdn-141.anonfiles.com/ab6co8W0y3/3ae17486-1675619031/OakGrabber-V2.zip
IP
195.96.151.34
ASN
#41634 Svea Hosting AB
Submitted
2023-02-05 17:34:24
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ipapi.co	195030	2017-01-31T10:07:01Z	2023-03-13T05:43:34Z	389 B	1.2 kB	104.26.9.44
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	53 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.0 kB	5.3 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
discord.com	1053	2013-06-04T20:47:24Z	2023-03-13T05:37:47Z	2.2 kB	7.6 kB	162.159.128.233
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.200.29.22
cdn-141.anonfiles.com	unknown	2020-07-29T17:07:12Z	2023-03-13T05:27:34Z	1.3 kB	1.1 kB	195.96.151.34
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.4 kB	2.2 kB	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-05 17:34:55	medium	Client IP	Internal IP	ET POLICY External IP Lookup Domain (ipapi .co in DNS lookup)
2023-02-05 17:34:55	medium	Client IP	Internal IP	ET POLICY External IP Lookup Domain (ipapi .co in DNS lookup)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	cdn-141.anonfiles.com/ab6co8W0y3/3ae17486-1675619031/OakGrabber-V2.zip	14 kB	2023-03-13	2023-03-13
Pretty URL cdn-141.anonfiles.com/ab6co8W0y3/3ae17486-1675619031/OakGrabber-V2.zip IP 195.96.151.34 ASN #41634 Svea Hosting AB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:48:47 Last Seen2023-03-13 17:48:54 Times Seen1 Hash e40a8f36c9597d43bf696d0b2ea8cf7f 53099eb625840d80d9d7cec1cf3f4329bf333fe6 7864a480ac199af99337207b3dce4509d727efd653708f6c5e72191c5edf5fec Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2127a45d736a063994639a043c78190e	10 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 17:48:47 Last Seen2023-03-13 17:48:54 Times Seen1 Hash 2127a45d736a063994639a043c78190e 46aa4717e70055c0c2cf000eab49baf088228cc8 0920537239dc5a7bef3a9d313fbdac8ab03020593371faa55daedbd6dc10dc11 Loading...

HTTP Transactions (29)

	URL	IP	Response	Size
	cdn-141.anonfiles.com/ab6co8W0y3/3ae17486-1675619031/OakGrabber-V2.zip	195.96.151.34	301 Moved Permanently	162 B
URL HTTP/1.1 cdn-141.anonfiles.com/ab6co8W0y3/3ae17486-1675619031/OakGrabber-V2.zip IP 195.96.151.34:0 ASN #41634 Svea Hosting AB File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 162 B (162 bytes) Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a HTTP Headers `GET /ab6co8W0y3/3ae17486-1675619031/OakGrabber-V2.zip HTTP/1.1 Host: cdn-141.anonfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Server: nginx Date: Sun, 05 Feb 2023 17:34:13 GMT Content-Type: text/html Content-Length: 162 Connection: close Location: https://cdn-141.anonfiles.com/ab6co8W0y3/3ae17486-1675619031/OakGrabber-V2.zip`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1cdc095521e9ee2606059be447d1fdd5 02b5d0a5b5823e2338daf7e144700babe2a213af 8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7040 Expires: Sun, 05 Feb 2023 19:31:33 GMT Date: Sun, 05 Feb 2023 17:34:13 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c21ba65e44ac95470c314e068e49a9eb 17a13b13738993d889d4afa3d848dc63bf6eba64 9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66" Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10116 Expires: Sun, 05 Feb 2023 20:22:49 GMT Date: Sun, 05 Feb 2023 17:34:13 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 05 Feb 2023 17:33:56 GMT content-type: application/json age: 17 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash fb7b6b46e708ad73eaaa3c21e74569ae 950663c025acad81556af5aa3022ecc9d55097fe 763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64" Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16493 Expires: Sun, 05 Feb 2023 22:09:06 GMT Date: Sun, 05 Feb 2023 17:34:13 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: DjypP9byIQB3Dt2++s46CKN3yC6g/lQYvW4qqd7VhA3NHAPus7c7MuoUa4YkUvk1eQxwIXiCO40= x-amz-request-id: 0NVCC2TGC2AV9PKW content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 05 Feb 2023 17:24:34 GMT age: 579 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 17:34:13 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	ocsp.digicert.com/	93.184.220.29	200 OK	278 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 278 B (278 bytes) Hash 3392621ea033f52b7bd38c6a47334da2 8e5982c32f79f67939a51cf41089fcbb2e2f5660 aa1da97a108a1e13c3d4168575285994625b4886e70837d55332e25784f7fdef HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6579 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 17:34:14 GMT Last-Modified: Sun, 05 Feb 2023 15:44:35 GMT Server: ECS (ska/F6FC) X-Cache: HIT Content-Length: 278`

	ocsp.digicert.com/	93.184.220.29	200 OK	278 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 278 B (278 bytes) Hash 3392621ea033f52b7bd38c6a47334da2 8e5982c32f79f67939a51cf41089fcbb2e2f5660 aa1da97a108a1e13c3d4168575285994625b4886e70837d55332e25784f7fdef HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1829 Cache-Control: max-age=150665 Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 17:34:14 GMT Etag: "63df8afa-116" Expires: Tue, 07 Feb 2023 11:25:19 GMT Last-Modified: Sun, 05 Feb 2023 10:54:50 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 278`

	ocsp.digicert.com/	93.184.220.29	200 OK	280 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 280 B (280 bytes) Hash 2d6c30ee041b9c1bc361031358179dc2 89c1e2ad453f84effbfc23b98522a33038735315 35152b58313c8e181ed2ee94ce139bdd1a08a6cd5992c2b610c958304cf834ea HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4703 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 17:34:14 GMT Last-Modified: Sun, 05 Feb 2023 16:15:51 GMT Server: ECS (ska/F6FC) X-Cache: HIT Content-Length: 280`

	cdn-141.anonfiles.com/favicon.ico	195.96.151.34	404 Not Found	150 B
URL HTTP/2 cdn-141.anonfiles.com/favicon.ico IP 195.96.151.34:0 ASN #41634 Svea Hosting AB File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 150 B (150 bytes) Hash 597ba0d4396e9c906225140ce907092c 28ae2ba65ccdb583d79f85b8cc9509fae697493b ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: cdn-141.anonfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cdn-141.anonfiles.com/ab6co8W0y3/3ae17486-1675619031/OakGrabber-V2.zip Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/2 404 Not Found server: nginx date: Sun, 05 Feb 2023 17:34:14 GMT content-type: text/html content-length: 150 X-Firefox-Spdy: h2`

	ocsp.digicert.com/	93.184.220.29	200 OK	278 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 278 B (278 bytes) Hash 3392621ea033f52b7bd38c6a47334da2 8e5982c32f79f67939a51cf41089fcbb2e2f5660 aa1da97a108a1e13c3d4168575285994625b4886e70837d55332e25784f7fdef HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6579 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 17:34:14 GMT Last-Modified: Sun, 05 Feb 2023 15:44:35 GMT Server: ECS (ska/F6FC) X-Cache: HIT Content-Length: 278`

	discord.com/api/webhooks/1044539634987847681/_Pgchoqycdw7tWu53lKZr7M3-tcgWj6RMlODI2Zi1mm8bY3KPLvG8P0HZw2Ff9sUEkOA	162.159.128.233	400 Bad Request	69 B
URL HTTP/2 discord.com/api/webhooks/1044539634987847681/_Pgchoqycdw7tWu53lKZr7M3-tcgWj6RMlODI2Zi1mm8bY3KPLvG8P0HZw2Ff9sUEkOA IP 162.159.128.233:0 ASN #13335 CLOUDFLARENET File type JSON data\012- , ASCII text, with no line terminators Size 69 B (69 bytes) Hash 9bcf534504c2165a48169347cebc8f4c 4864fd93c2ec7e2257192a5d72393ff4c2aaaa98 1715784f87cbd5568e61505b97927a1f0cddeafff78f5633bfa531c9eb22b414 HTTP Headers POST /api/webhooks/1044539634987847681/_Pgchoqycdw7tWu53lKZr7M3-tcgWj6RMlODI2Zi1mm8bY3KPLvG8P0HZw2Ff9sUEkOA HTTP/1.1 Host: discord.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/json Origin: https://cdn-141.anonfiles.com Connection: keep-alive Referer: https://cdn-141.anonfiles.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Content-Length: 0 TE: trailers HTTP/2 400 Bad Request date: Sun, 05 Feb 2023 17:34:14 GMT content-type: application/json content-length: 69 access-control-allow-origin: https://cdn-141.anonfiles.com access-control-allow-credentials: true access-control-allow-methods: POST, GET, PUT, PATCH, DELETE access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Debug-Options, x-client-trace-id, If-None-Match, Range, X-RateLimit-Precision access-control-expose-headers: Retry-After, X-RateLimit-Global, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-RateLimit-Reset-After, X-RateLimit-Bucket, X-RateLimit-Scope, Date strict-transport-security: max-age=31536000; includeSubDomains; preload x-ratelimit-bucket: 3d2712a9e4fe17cc9d3fed4a8e672e5f x-ratelimit-limit: 5 x-ratelimit-remaining: 4 x-ratelimit-reset: 1675618455 x-ratelimit-reset-after: 1 via: 1.1 google alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A6J5alAPu0XoPs684WD%2FxTxMXtzPwmglDQNmnbKauwZRCOnRfKlMrcCsKxbs%2FtMq%2B4%2FsjMGwZHzYnWxuLZpHqavbfmMJcDrd2uoGEZRz9QbvXNrW9zOlc8zrdx8A"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-content-type-options: nosniff set-cookie: __dcfduid=4f0241c6a57b11ed90200a7e535c6b91; Expires=Fri, 04-Feb-2028 17:34:14 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/ __sdcfduid=4f0241c6a57b11ed90200a7e535c6b911f6e99fd1a4ea4a98c72bab13d695201b6bda3cd6b24e0ddbcc9071328b5a20e; Expires=Fri, 04-Feb-2028 17:34:14 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/ __cfruid=511e6501b3d92c6bd19d9a8f2aeeea64398cd075-1675618454; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 794d654b0cc9b529-OSL X-Firefox-Spdy: h2

	discord.com/api/webhooks/1044539634987847681/_Pgchoqycdw7tWu53lKZr7M3-tcgWj6RMlODI2Zi1mm8bY3KPLvG8P0HZw2Ff9sUEkOA	162.159.128.233	400 Bad Request	69 B
URL HTTP/2 discord.com/api/webhooks/1044539634987847681/_Pgchoqycdw7tWu53lKZr7M3-tcgWj6RMlODI2Zi1mm8bY3KPLvG8P0HZw2Ff9sUEkOA IP 162.159.128.233:0 ASN #13335 CLOUDFLARENET File type JSON data\012- , ASCII text, with no line terminators Size 69 B (69 bytes) Hash 9bcf534504c2165a48169347cebc8f4c 4864fd93c2ec7e2257192a5d72393ff4c2aaaa98 1715784f87cbd5568e61505b97927a1f0cddeafff78f5633bfa531c9eb22b414 HTTP Headers POST /api/webhooks/1044539634987847681/_Pgchoqycdw7tWu53lKZr7M3-tcgWj6RMlODI2Zi1mm8bY3KPLvG8P0HZw2Ff9sUEkOA HTTP/1.1 Host: discord.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/json Origin: https://cdn-141.anonfiles.com Connection: keep-alive Referer: https://cdn-141.anonfiles.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Content-Length: 0 TE: trailers HTTP/2 400 Bad Request date: Sun, 05 Feb 2023 17:34:14 GMT content-type: application/json content-length: 69 access-control-allow-origin: https://cdn-141.anonfiles.com access-control-allow-credentials: true access-control-allow-methods: POST, GET, PUT, PATCH, DELETE access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Debug-Options, x-client-trace-id, If-None-Match, Range, X-RateLimit-Precision access-control-expose-headers: Retry-After, X-RateLimit-Global, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-RateLimit-Reset-After, X-RateLimit-Bucket, X-RateLimit-Scope, Date strict-transport-security: max-age=31536000; includeSubDomains; preload x-ratelimit-bucket: 3d2712a9e4fe17cc9d3fed4a8e672e5f x-ratelimit-limit: 5 x-ratelimit-remaining: 3 x-ratelimit-reset: 1675618456 x-ratelimit-reset-after: 1 via: 1.1 google alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrDDEvME0NSC1Uqs1iv7judO1cmBjgIJuuNNAwtYlhE9XLh%2F%2FIk6iu1yM%2FkA3oe3JBKzrBXYn5oNFw8EkFh5g02bDjC9dQn%2F5l%2FcpwXNnzQQO4qPVRBT2TkmPrXj"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-content-type-options: nosniff set-cookie: __dcfduid=4f10310aa57b11edb6495e4a6b156145; Expires=Fri, 04-Feb-2028 17:34:14 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/ __sdcfduid=4f10310aa57b11edb6495e4a6b15614568296ba07ed134d1af2aef8ae79751733a151e3144b76209af6e76a642aff305; Expires=Fri, 04-Feb-2028 17:34:14 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/ __cfruid=511e6501b3d92c6bd19d9a8f2aeeea64398cd075-1675618454; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 794d654badb0b529-OSL X-Firefox-Spdy: h2

	ipapi.co/json	104.26.9.44	200 OK	426 B
URL HTTP/2 ipapi.co/json IP 104.26.9.44:0 ASN #13335 CLOUDFLARENET File type JSON data\012- , ASCII text Size 426 B (426 bytes) Hash 09e3dc3a0f3ccbad7f307f200958ac6b 1533db67f0908a33bb6da47ef5e017033871faa8 6fe05df09c395fa080dba4aa8bfeeda668f5c51b71ddb5e7c60994f42132cb1f HTTP Headers `GET /json HTTP/1.1 Host: ipapi.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://cdn-141.anonfiles.com Connection: keep-alive Referer: https://cdn-141.anonfiles.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sun, 05 Feb 2023 17:34:14 GMT content-type: application/json allow: OPTIONS, OPTIONS, POST, GET, HEAD x-frame-options: DENY vary: Host, Origin access-control-allow-origin: https://cdn-141.anonfiles.com x-content-type-options: nosniff referrer-policy: same-origin cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkWuTq6URy3udX1eej1sTg1RSTfZ%2FymcxXipmyINOp4BZ%2FKQ9gOYiYgSbRt8ZFyaicBu9f%2BjQs6P5FIRRKGHEHp%2BhfucT12V%2FfTeBMrAcc%2BpAdW0x9x8pFBt"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 794d654a3fc7fab8-OSL content-encoding: br X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 05 Feb 2023 16:49:07 GMT age: 2707 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dedf9c519ac38c4bece9c5bc895787d7 4911175c3f8a435978c5301c33c7a99a5e00a1d5 bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698" Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3155 Expires: Sun, 05 Feb 2023 18:26:49 GMT Date: Sun, 05 Feb 2023 17:34:14 GMT Connection: keep-alive`

	discord.com/api/webhooks/1044539634987847681/_Pgchoqycdw7tWu53lKZr7M3-tcgWj6RMlODI2Zi1mm8bY3KPLvG8P0HZw2Ff9sUEkOA	162.159.128.233	204 No Content	0 B
URL HTTP/2 discord.com/api/webhooks/1044539634987847681/_Pgchoqycdw7tWu53lKZr7M3-tcgWj6RMlODI2Zi1mm8bY3KPLvG8P0HZw2Ff9sUEkOA IP 162.159.128.233:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /api/webhooks/1044539634987847681/_Pgchoqycdw7tWu53lKZr7M3-tcgWj6RMlODI2Zi1mm8bY3KPLvG8P0HZw2Ff9sUEkOA HTTP/1.1 Host: discord.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/json Content-Length: 1189 Origin: https://cdn-141.anonfiles.com Connection: keep-alive Referer: https://cdn-141.anonfiles.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 204 No Content date: Sun, 05 Feb 2023 17:34:14 GMT content-type: text/html; charset=utf-8 access-control-allow-origin: https://cdn-141.anonfiles.com access-control-allow-credentials: true access-control-allow-methods: POST, GET, PUT, PATCH, DELETE access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Debug-Options, x-client-trace-id, If-None-Match, Range, X-RateLimit-Precision access-control-expose-headers: Retry-After, X-RateLimit-Global, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-RateLimit-Reset-After, X-RateLimit-Bucket, X-RateLimit-Scope, Date strict-transport-security: max-age=31536000; includeSubDomains; preload x-ratelimit-bucket: 3d2712a9e4fe17cc9d3fed4a8e672e5f x-ratelimit-limit: 5 x-ratelimit-remaining: 1 x-ratelimit-reset: 1675618456 x-ratelimit-reset-after: 2 via: 1.1 google alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBD5hEB2ThfkAOxLyOABlvQbeNJNy%2BYQPvNU%2FBzMk1G5beQsmpZzIDHla6sEGCkV6yAlvTFzMjlv%2BVN%2BXfJIcdiWHcemPAv1jY9qRAF6e%2BLRMLTt7bNbNfKB84%2FA"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-content-type-options: nosniff set-cookie: __dcfduid=4f37a23aa57b11ed940792d5413b2b58; Expires=Fri, 04-Feb-2028 17:34:14 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/ __sdcfduid=4f37a23aa57b11ed940792d5413b2b58880e3d1e7aebd62778b49b01a26a10a736376abae7555a2acfe85003a2407582; Expires=Fri, 04-Feb-2028 17:34:14 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/ __cfruid=511e6501b3d92c6bd19d9a8f2aeeea64398cd075-1675618454; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 794d654badb3b529-OSL X-Firefox-Spdy: h2

	push.services.mozilla.com/	54.200.29.22	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.200.29.22:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: lcwCFH+yvNebjK5ix4c1GA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: mnwoOtwZSQxTT+cRgsrzxYPsJdY=`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1b25bf82638deaab60981e1315ee0849 e3bd912fd1a890e64ee6746a78a674db7ff77039 a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4685 Expires: Sun, 05 Feb 2023 18:52:21 GMT Date: Sun, 05 Feb 2023 17:34:16 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1b25bf82638deaab60981e1315ee0849 e3bd912fd1a890e64ee6746a78a674db7ff77039 a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4685 Expires: Sun, 05 Feb 2023 18:52:21 GMT Date: Sun, 05 Feb 2023 17:34:16 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg	34.120.237.76	200 OK	7.3 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.3 kB (7288 bytes) Hash b1092c4dd4d9ca4d09462ae46e1dd7c1 17444ff60be1afbc40d3653fa936f9eaf9478068 ea8362c7249080b34288ee675f70333607fc3be37e716fdcf63e4901849def9f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7288 x-amzn-requestid: 1aa297f5-2f9a-45be-b823-1eb4d5887769 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f1WrwH-iIAMFyhQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63ded17e-2b630b4a302b8ae118883b71;Sampled=0 x-amzn-remapped-date: Sat, 04 Feb 2023 21:43:26 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: z2oKgp1keqEkvN6jjsUepMbrxD4JCXKAOHrMNJHcuXN0CpulUh5GLA== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 21:43:39 GMT etag: "17444ff60be1afbc40d3653fa936f9eaf9478068" content-type: image/jpeg age: 71437 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg	34.120.237.76	200 OK	8.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.5 kB (8527 bytes) Hash 6661b7263315f5eb3cd2465f671e1fcd b7b5831c6b3ccc41d7a980b6088adc10ff8785f1 eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8527 x-amzn-requestid: c11233d1-ef16-4b03-9174-a493011dc0ff x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fyEoFHOKIAMFZwQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dd8166-4a290e811547293f437311bb;Sampled=0 x-amzn-remapped-date: Fri, 03 Feb 2023 21:49:26 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 1F0bxib8bn4kZvGBTL63ecNDDEy6XZ8kIb8K5BNqusVL9SvAAARUJw== via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 22:11:45 GMT age: 69751 etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg	34.120.237.76	200 OK	5.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.0 kB (5014 bytes) Hash 5b6c30ad03669b66bf2f63b3edd69882 e630bd132b52b965a5ade646ea8a165d1abf6d7b f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5014 x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fi3bIE0aoAMF6YQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0 x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Feb 2023 14:53:51 GMT age: 9625 etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg	34.120.237.76	200 OK	3.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.5 kB (3474 bytes) Hash d7a466d89c75ff3459b7328591db52cf c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3474 x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f1WXEEbnoAMFRdg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0 x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 22:10:58 GMT etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb" content-type: image/jpeg age: 69798 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (12967 bytes) Hash 8e0be7db14d930d6227443314bcd1747 4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12967 x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fmEdHFwCoAMFhxQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Feb 2023 03:40:08 GMT age: 50048 etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg	34.120.237.76	200 OK	9.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.6 kB (9579 bytes) Hash b3e7140400336984afc6093c1246f863 59e0b21cdf4cfdac3f1ea05badd007727939ac42 4d927e74922159db5d07b9947fa1021cff74bb7b55759960cb3941d05c1e8f11 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9579 x-amzn-requestid: c474008d-a6a9-409b-88e2-c55062044575 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fzQtnFGhoAMF5Zw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63ddfb23-54dd67257ba25ad24e977a9c;Sampled=0 x-amzn-remapped-date: Sat, 04 Feb 2023 06:28:51 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 0Of3BK3VqVMGQGDIODQthVmi7BC8Ney4zgGCpVuzYc1j6D8RRP-AxA== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Feb 2023 12:03:14 GMT age: 19862 etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	cdn-141.anonfiles.com/ab6co8W0y3/3ae17486-1675619031/OakGrabber-V2.zip	195.96.151.34	200 OK	0 B
URL HTTP/2 cdn-141.anonfiles.com/ab6co8W0y3/3ae17486-1675619031/OakGrabber-V2.zip IP 195.96.151.34:0 ASN #41634 Svea Hosting AB File type Size 0 B (0 bytes) Hash HTTP Headers `GET /ab6co8W0y3/3ae17486-1675619031/OakGrabber-V2.zip HTTP/1.1 Host: cdn-141.anonfiles.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 17:34:13 GMT content-type: image/svg+xml vary: Accept-Encoding content-disposition: inline; filename="OakGrabber-V2.zip" cache-control: private, must-revalidate expires: -1 etag: W/"63dfe821-3700" x-vdc: Yes x-cache-status: HIT x-cache-host: filecache-02 x-cache-disk: ssd-01 accept-ranges: bytes content-encoding: gzip X-Firefox-Spdy: h2`

	discord.com/api/webhooks/1044539634987847681/_Pgchoqycdw7tWu53lKZr7M3-tcgWj6RMlODI2Zi1mm8bY3KPLvG8P0HZw2Ff9sUEkOA	162.159.128.233	200 OK	0 B
URL HTTP/2 discord.com/api/webhooks/1044539634987847681/_Pgchoqycdw7tWu53lKZr7M3-tcgWj6RMlODI2Zi1mm8bY3KPLvG8P0HZw2Ff9sUEkOA IP 162.159.128.233:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers OPTIONS /api/webhooks/1044539634987847681/_Pgchoqycdw7tWu53lKZr7M3-tcgWj6RMlODI2Zi1mm8bY3KPLvG8P0HZw2Ff9sUEkOA HTTP/1.1 Host: discord.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://cdn-141.anonfiles.com/ Origin: https://cdn-141.anonfiles.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK date: Sun, 05 Feb 2023 17:34:14 GMT content-type: text/html; charset=utf-8 allow: GET, HEAD, POST, OPTIONS, PATCH, DELETE access-control-allow-origin: https://cdn-141.anonfiles.com access-control-allow-credentials: true access-control-allow-methods: POST, GET, PUT, PATCH, DELETE access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Debug-Options, x-client-trace-id, If-None-Match, Range, X-RateLimit-Precision strict-transport-security: max-age=31536000; includeSubDomains; preload via: 1.1 google alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtTZ6IASRc0SPhHPRoCsq9jGC3uDRDck8a8%2BOT4ZZJKNtYl9RTqw2QbdRpUyjtM5njGsoJvh6AwXID8F4267bvPxw8yt%2BlBGFN4bQ%2BV%2FlPwuzyyF%2F2kXXhQNV%2BJL"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-content-type-options: nosniff set-cookie: __dcfduid=4ee8818ca57b11edb179f6a1e98582e7; Expires=Fri, 04-Feb-2028 17:34:14 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/ __sdcfduid=4ee8818ca57b11edb179f6a1e98582e7a9c810d8dcf925a472d71fb6aea0dd70997482b95e527ab2834b11d5b33dc280; Expires=Fri, 04-Feb-2028 17:34:14 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/ __cfruid=511e6501b3d92c6bd19d9a8f2aeeea64398cd075-1675618454; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 794d654a1b76b529-OSL content-encoding: br X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (29)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP