Report - www.tigerlilypublishing.com/campaigns/bx608x8tk650b/track-url/ya341chg0z757/42ec3058b397a504a8d0c2bef12bb7d3130a55f1

Report Overview

Submitted URL
www.tigerlilypublishing.com/campaigns/bx608x8tk650b/track-url/ya341chg0z757/42ec3058b397a504a8d0c2bef12bb7d3130a55f1
IP
87.98.241.107
ASN
#16276 OVH SAS
Submitted
2022-09-29 03:51:30
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	54 kB	216.58.211.10
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	51 kB	34.120.237.76
www.tigerlilypublishing.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	573 kB	87.98.241.107
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.4 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.43.253.52
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	862 B	14 kB	104.17.25.14
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.9 kB	142.250.74.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	489 B	32 kB	142.250.74.163
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-29	medium	www.tigerlilypublishing.com/campaigns/bx608x8tk650b/track-url/ya341chg0z757/42ec3058b397a504a8d0c2bef12bb7d3130a55f1	Phishing
2022-09-29	medium	www.tigerlilypublishing.com/campaigns/bx608x8tk650b/track-url/ya341chg0z757/42ec3058b397a504a8d0c2bef12bb7d3130a55f1	Phishing
2022-09-29	medium	www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct	Phishing
2022-09-29	medium	www.tigerlilypublishing.com/assets/css/skin-blue.css?av=229a74bc	Phishing
2022-09-29	medium	www.tigerlilypublishing.com/frontend/assets/css/style.css?av=229a74bc	Phishing
2022-09-29	medium	www.tigerlilypublishing.com/assets/js/bootstrap.min.js?av=229a74bc	Phishing
2022-09-29	medium	www.tigerlilypublishing.com/assets/js/adminlte.js?av=229a74bc	Phishing
2022-09-29	medium	www.tigerlilypublishing.com/frontend/assets/cache/9e3578f7/jquery.min.js	Phishing
2022-09-29	medium	www.tigerlilypublishing.com/assets/css/adminlte.css?av=229a74bc	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	www.tigerlilypublishing.com/assets/js/knockout.min.js?av=229a74bc	60 kB	2023-03-07	2024-04-18
Pretty URL www.tigerlilypublishing.com/assets/js/knockout.min.js?av=229a74bc IP 87.98.241.107 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-18 11:51:25 Times Seen1160 Hash fa8662c7a8415d0355f444eaff534845 b60c2c301c280378b4d51769cb20a46e65989c73 972f13893b7056c0567637a44ea4c994b1b3dd1b20e185ebf3478ae9086d74cb Loading...

	www.tigerlilypublishing.com/assets/js/notify.js?av=229a74bc	5.6 kB	2023-03-07	2024-04-07
Pretty URL www.tigerlilypublishing.com/assets/js/notify.js?av=229a74bc IP 87.98.241.107 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-07 00:04:00 Times Seen300 Hash 7ea0d3c764c478bbc3c9ae6d0b001cad 19ba17b7fd02563b89f03ff6f1d8576539ff1392 eb611854a404011a74a21d0d982954c5a220c582b894b25c3c04b9474ba24de4 Loading...

	www.tigerlilypublishing.com/assets/js/bootstrap.min.js?av=229a74bc	29 kB	2023-03-07	2024-04-18
Pretty URL www.tigerlilypublishing.com/assets/js/bootstrap.min.js?av=229a74bc IP 87.98.241.107 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-04-18 16:45:26 Times Seen9609 Hash ba847811448ef90d98d272aeccef2a95 5814e91bb6276f4de8b7951c965f2f190a03978d 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1 Loading...

	www.tigerlilypublishing.com/assets/js/adminlte.js?av=229a74bc	9.8 kB	2023-03-07	2024-04-18
Pretty URL www.tigerlilypublishing.com/assets/js/adminlte.js?av=229a74bc IP 87.98.241.107 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-18 15:35:09 Times Seen1572 Hash add5b3f0900365f3b4240664da17760e 7cbd53bfcf830e7c150d6bb55efcc2832e7543e7 42338bc162a705b04953fc72340216dbefb55cf12ec1a6e7cad04e5e680e26bc Loading...

	www.tigerlilypublishing.com/frontend/assets/cache/9e3578f7/jquery.min.js	96 kB	2023-03-07	2024-04-19
Pretty URL www.tigerlilypublishing.com/frontend/assets/cache/9e3578f7/jquery.min.js IP 87.98.241.107 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 02:49:24 Times Seen46147 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	www.tigerlilypublishing.com/assets/js/cookie.js?av=229a74bc	4.9 kB	2023-03-07	2024-04-18
Pretty URL www.tigerlilypublishing.com/assets/js/cookie.js?av=229a74bc IP 87.98.241.107 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-18 15:35:09 Times Seen1576 Hash 449dd3907404cead5d8ba6203b3550dc c9bb690411c3f46145f8ea137e6783929d8c27aa 3585a42757908ba2ace27f41b01256f6cf4ffb9679f7ac0ff8957817d5ccfde1 Loading...

	www.tigerlilypublishing.com/assets/js/app.js?av=229a74bc	2.3 kB	2023-03-07	2024-03-06
Pretty URL www.tigerlilypublishing.com/assets/js/app.js?av=229a74bc IP 87.98.241.107 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:58 Last Seen2024-03-06 09:57:19 Times Seen205 Hash fce662fe3dd4bd3be35b6c3abec80ff9 f76e098ad417541ef91067c3de79a52a9b19f9c3 81b55a53574a03bf7aa7847d9c12da1a44f2ef01f6ecef5bf5f818426150cd78 Loading...

	www.tigerlilypublishing.com/frontend/assets/js/app.js?av=229a74bc	469 B	2023-03-07	2024-04-07
Pretty URL www.tigerlilypublishing.com/frontend/assets/js/app.js?av=229a74bc IP 87.98.241.107 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-07 00:04:00 Times Seen296 Hash 5154609f598be8d873ff615d521b6d60 55165af84a2129e8432f1e96326ee686a07392bd 0ad96c8bca01a84d8b932da6e7cb095707bce86f4844acd88925b295a7422f2f Loading...

HTTP Transactions (51)

URL IP Response Size

www.tigerlilypublishing.com/campaigns/bx608x8tk650b/track-url/ya341chg0z757/42ec3058b397a504a8d0c2bef12bb7d3130a55f1

87.98.241.107

301 Moved Permanently

169 B

URL HTTP/1.1
www.tigerlilypublishing.com/campaigns/bx608x8tk650b/track-url/ya341chg0z757/42ec3058b397a504a8d0c2bef12bb7d3130a55f1
IP
87.98.241.107:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
84855c13836b389d5ec7cfd4c9266173
1cf3056ff23c4176fd7ca9816a000ed461d6d323
502083c916ae481cdd413b8d93315300653df5fb3dcc5770c01991de19977eae

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /campaigns/bx608x8tk650b/track-url/ya341chg0z757/42ec3058b397a504a8d0c2bef12bb7d3130a55f1 HTTP/1.1
Host: www.tigerlilypublishing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 03:51:19 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://www.tigerlilypublishing.com/campaigns/bx608x8tk650b/track-url/ya341chg0z757/42ec3058b397a504a8d0c2bef12bb7d3130a55f1

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 03:15:49 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ccJhQRuessu3G2SHC9_Oeuyyj8_fBj_--26gkQufpwC60YNyfGEHeg==
Age: 2130

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11772
Expires: Thu, 29 Sep 2022 07:07:32 GMT
Date: Thu, 29 Sep 2022 03:51:20 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VO0XCzcHxml0hty0g4RMAmTaaDb0Nq7gANAQdQbKHzm3iJa_ozBBRg==
age: 80574
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 03:51:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 29 Sep 2022 03:29:33 GMT
Expires: Thu, 29 Sep 2022 03:36:29 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Z54FYhVJWxN0wlaU253xaA0bmq3SeL6YHUYW_20_twLxqTzhs14ieQ==
Age: 1307

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6556
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 03:51:20 GMT
Last-Modified: Thu, 29 Sep 2022 02:02:04 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2496061f09ac1012133e082b6c44960a
b6ea62d9f3702865593b54ef689f6e9d95ee7765
a7e66291827106b0e4e6981dd65b0b0fed10b0bdbed689ec97a2245a303be5f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A7E66291827106B0E4E6981DD65B0B0FED10B0BDBED689EC97A2245A303BE5F5"
Last-Modified: Thu, 29 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Thu, 29 Sep 2022 09:50:22 GMT
Date: Thu, 29 Sep 2022 03:51:20 GMT
Connection: keep-alive

www.tigerlilypublishing.com/campaigns/bx608x8tk650b/track-url/ya341chg0z757/42ec3058b397a504a8d0c2bef12bb7d3130a55f1

87.98.241.107

301 Moved Permanently

0 B

URL HTTP/1.1
www.tigerlilypublishing.com/campaigns/bx608x8tk650b/track-url/ya341chg0z757/42ec3058b397a504a8d0c2bef12bb7d3130a55f1
IP
87.98.241.107:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /campaigns/bx608x8tk650b/track-url/ya341chg0z757/42ec3058b397a504a8d0c2bef12bb7d3130a55f1 HTTP/1.1
Host: www.tigerlilypublishing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 03:51:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
Set-Cookie: mwsid=kd41as20it6qkok2c78814a9g8; path=/; HttpOnly
X-XSS-Protection: 1; mode=block
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Thu, 29 Sep 2022 03:51:20 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct

www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct

87.98.241.107

200 OK

6.8 kB

URL HTTP/1.1
www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct
IP
87.98.241.107:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (411), with CRLF, LF line terminators
Size
6.8 kB (6790 bytes)
Hash
0b41b9c85c1ebfc97be0e6fc686f31ec
8e3f5cde94fb6d2309e099461285c5721494a1be
4fd2932a761c7ae4f6ee505ea92d080c9fd40cafcd45d8f8ec4a84ce37ce7a8e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct HTTP/1.1
Host: www.tigerlilypublishing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: mwsid=kd41as20it6qkok2c78814a9g8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 03:51:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Set-Cookie: csrf_token=48926434ea66bcc9e41d60e6272efcc34ffac55as%3A88%3A%22ZmliZU84em1nUVRkTFpxd3lNZFZndUJCRFlwSTBxOFgeVRWaHTfVe1BFVUtKOLDH4RFNAqRRki3F3h0V2vV-Ag%3D%3D%22%3B; path=/; HttpOnly; SameSite=Lax

push.services.mozilla.com/

52.43.253.52

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.253.52:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5+tKlity3guNyslWBEQ4Hw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qGLFoXRW7s4Oilnaw7kAhkYXf+8=

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
2b52ad405720d7d4665f40f842db9e99
c7e9646a8f2d2d8e932b26d231a518647230e308
c1d5aef26522bc5412943bef33f64ed3491d51283b1f740765d775b0ded71330

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6589
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 03:51:21 GMT
Last-Modified: Thu, 29 Sep 2022 02:01:32 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css?av=229a74bc

104.17.25.14

200 OK

5.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css?av=229a74bc
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27303)
Size
5.0 kB (4972 bytes)
Hash
fb68fcb5e0519fb76559c9ab267f8f3f
b96c07f9ef44dbecb4ec4d1cb4a0b30a210f9825
8d0f29c4b3a8b511e6a46bc29ab3d96566fb244fdca5003156c04ea6b65cdd71

HTTP Headers

GET /ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css?av=229a74bc HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Sep 2022 03:51:21 GMT
content-type: text/css; charset=utf-8
content-length: 4972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-6b4a"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9709076
expires: Tue, 19 Sep 2023 03:51:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVkNc1%2BgWuLGKaZnjkiTcgxE76nPHQSsPPriMOFBhTHptI9Vr8Kfz3nEshJOdruRGeUOf2GrkOS2p0hiJ2uB4QckdWo8zOfZvyFDdWSGf4ArgcqHRz8kvc9PZlUHpb5BQ85qr9uA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7521c2857ca70b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.tigerlilypublishing.com/assets/css/bootstrap.min.css?av=229a74bc

87.98.241.107

200 OK

100 kB

URL HTTP/1.1
www.tigerlilypublishing.com/assets/css/bootstrap.min.css?av=229a74bc
IP
87.98.241.107:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (65366)
Size
100 kB (99961 bytes)
Hash
8a7442ca6bedd62cec4881040b9a9e83
e2d2b846e9ea72a1985458a3748aab4e01a8fb3a
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

HTTP Headers

GET /assets/css/bootstrap.min.css?av=229a74bc HTTP/1.1
Host: www.tigerlilypublishing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct
Cookie: mwsid=kd41as20it6qkok2c78814a9g8; csrf_token=48926434ea66bcc9e41d60e6272efcc34ffac55as%3A88%3A%22ZmliZU84em1nUVRkTFpxd3lNZFZndUJCRFlwSTBxOFgeVRWaHTfVe1BFVUtKOLDH4RFNAqRRki3F3h0V2vV-Ag%3D%3D%22%3B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 03:51:21 GMT
Content-Type: text/css
Content-Length: 99961
Last-Modified: Wed, 18 Nov 2020 13:40:58 GMT
Connection: keep-alive
ETag: "5fb5246a-18679"
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
2b52ad405720d7d4665f40f842db9e99
c7e9646a8f2d2d8e932b26d231a518647230e308
c1d5aef26522bc5412943bef33f64ed3491d51283b1f740765d775b0ded71330

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6589
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 03:51:21 GMT
Last-Modified: Thu, 29 Sep 2022 02:01:32 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280

www.tigerlilypublishing.com/assets/css/skin-blue.css?av=229a74bc

87.98.241.107

200 OK

3.6 kB

URL HTTP/1.1
www.tigerlilypublishing.com/assets/css/skin-blue.css?av=229a74bc
IP
87.98.241.107:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
3.6 kB (3588 bytes)
Hash
736dc5a80d350f34661eeb11ec02c7ee
ad568e0fef2c72bdf111e8e1f55e9245fd45ad30
d028883419fbc261a8588de03fcba282debb5e92853974d69bca9f5df9f4904d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/css/skin-blue.css?av=229a74bc HTTP/1.1
Host: www.tigerlilypublishing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct
Cookie: mwsid=kd41as20it6qkok2c78814a9g8; csrf_token=48926434ea66bcc9e41d60e6272efcc34ffac55as%3A88%3A%22ZmliZU84em1nUVRkTFpxd3lNZFZndUJCRFlwSTBxOFgeVRWaHTfVe1BFVUtKOLDH4RFNAqRRki3F3h0V2vV-Ag%3D%3D%22%3B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 03:51:21 GMT
Content-Type: text/css
Content-Length: 3588
Last-Modified: Wed, 18 Nov 2020 13:40:58 GMT
Connection: keep-alive
ETag: "5fb5246a-e04"
Accept-Ranges: bytes

cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css?av=229a74bc

104.17.25.14

200 OK

6.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css?av=229a74bc
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (50806)
Size
6.6 kB (6642 bytes)
Hash
0db2e85f504f65d4eba65a3a3176b99e
49445ca83b52538d5fb8f4ef3c5ed0bee904dc81
0153ed381a818cbc0ddab7d832c84bc3aae2aed1ccbe9821d625d6637046c953

HTTP Headers

GET /ajax/libs/ionicons/2.0.1/css/ionicons.min.css?av=229a74bc HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Sep 2022 03:51:21 GMT
content-type: text/css; charset=utf-8
content-length: 6642
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ea8-c854"
last-modified: Mon, 04 May 2020 16:11:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4275895
expires: Tue, 19 Sep 2023 03:51:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMJAUSk7UJqaIEjcJ2rOIHjBpH%2BaNDsQZv0TGsyYlnnsRzGkS4%2FGnGpF0GL%2BvTRbcZVGLzJSIQicSz5ZGc%2BJylTfcbPYjPp0hCn22jqMSIHiLRP3e5D0gAl4saw03z3JzVfCQ6Kf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7521c285eccb0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.tigerlilypublishing.com/assets/js/knockout.min.js?av=229a74bc

87.98.241.107

200 OK

60 kB

URL HTTP/1.1
www.tigerlilypublishing.com/assets/js/knockout.min.js?av=229a74bc
IP
87.98.241.107:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (564)
Size
60 kB (59822 bytes)
Hash
fa8662c7a8415d0355f444eaff534845
b60c2c301c280378b4d51769cb20a46e65989c73
972f13893b7056c0567637a44ea4c994b1b3dd1b20e185ebf3478ae9086d74cb

HTTP Headers

GET /assets/js/knockout.min.js?av=229a74bc HTTP/1.1
Host: www.tigerlilypublishing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct
Cookie: mwsid=kd41as20it6qkok2c78814a9g8; csrf_token=48926434ea66bcc9e41d60e6272efcc34ffac55as%3A88%3A%22ZmliZU84em1nUVRkTFpxd3lNZFZndUJCRFlwSTBxOFgeVRWaHTfVe1BFVUtKOLDH4RFNAqRRki3F3h0V2vV-Ag%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 03:51:21 GMT
Content-Type: application/javascript
Content-Length: 59822
Last-Modified: Wed, 18 Nov 2020 13:40:58 GMT
Connection: keep-alive
ETag: "5fb5246a-e9ae"
Accept-Ranges: bytes

www.tigerlilypublishing.com/frontend/assets/css/style.css?av=229a74bc

87.98.241.107

200 OK

16 kB

URL HTTP/1.1
www.tigerlilypublishing.com/frontend/assets/css/style.css?av=229a74bc
IP
87.98.241.107:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
16 kB (16326 bytes)
Hash
0704fe77a703921a5520c4ef079b3ac4
c8d27d838b3e0f80232e76ffc0ec2c8af08727ce
6a6249eb2886276d28435052d388fe35557ea936825d1e06629849ec700bfd95

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /frontend/assets/css/style.css?av=229a74bc HTTP/1.1
Host: www.tigerlilypublishing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct
Cookie: mwsid=kd41as20it6qkok2c78814a9g8; csrf_token=48926434ea66bcc9e41d60e6272efcc34ffac55as%3A88%3A%22ZmliZU84em1nUVRkTFpxd3lNZFZndUJCRFlwSTBxOFgeVRWaHTfVe1BFVUtKOLDH4RFNAqRRki3F3h0V2vV-Ag%3D%3D%22%3B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 03:51:21 GMT
Content-Type: text/css
Content-Length: 16326
Last-Modified: Wed, 18 Nov 2020 13:40:58 GMT
Connection: keep-alive
ETag: "5fb5246a-3fc6"
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 03:51:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.tigerlilypublishing.com/assets/js/notify.js?av=229a74bc

87.98.241.107

200 OK

5.6 kB

URL HTTP/1.1
www.tigerlilypublishing.com/assets/js/notify.js?av=229a74bc
IP
87.98.241.107:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text
Size
5.6 kB (5598 bytes)
Hash
7ea0d3c764c478bbc3c9ae6d0b001cad
19ba17b7fd02563b89f03ff6f1d8576539ff1392
eb611854a404011a74a21d0d982954c5a220c582b894b25c3c04b9474ba24de4

HTTP Headers

GET /assets/js/notify.js?av=229a74bc HTTP/1.1
Host: www.tigerlilypublishing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct
Cookie: mwsid=kd41as20it6qkok2c78814a9g8; csrf_token=48926434ea66bcc9e41d60e6272efcc34ffac55as%3A88%3A%22ZmliZU84em1nUVRkTFpxd3lNZFZndUJCRFlwSTBxOFgeVRWaHTfVe1BFVUtKOLDH4RFNAqRRki3F3h0V2vV-Ag%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 03:51:21 GMT
Content-Type: application/javascript
Content-Length: 5598
Last-Modified: Wed, 18 Nov 2020 13:41:06 GMT
Connection: keep-alive
ETag: "5fb52472-15de"
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 03:51:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.tigerlilypublishing.com/assets/js/bootstrap.min.js?av=229a74bc

87.98.241.107

200 OK

29 kB

URL HTTP/1.1
www.tigerlilypublishing.com/assets/js/bootstrap.min.js?av=229a74bc
IP
87.98.241.107:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (28941)
Size
29 kB (29110 bytes)
Hash
ba847811448ef90d98d272aeccef2a95
5814e91bb6276f4de8b7951c965f2f190a03978d
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/bootstrap.min.js?av=229a74bc HTTP/1.1
Host: www.tigerlilypublishing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct
Cookie: mwsid=kd41as20it6qkok2c78814a9g8; csrf_token=48926434ea66bcc9e41d60e6272efcc34ffac55as%3A88%3A%22ZmliZU84em1nUVRkTFpxd3lNZFZndUJCRFlwSTBxOFgeVRWaHTfVe1BFVUtKOLDH4RFNAqRRki3F3h0V2vV-Ag%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 03:51:21 GMT
Content-Type: application/javascript
Content-Length: 29110
Last-Modified: Wed, 18 Nov 2020 13:40:58 GMT
Connection: keep-alive
ETag: "5fb5246a-71b6"
Accept-Ranges: bytes

www.tigerlilypublishing.com/assets/js/adminlte.js?av=229a74bc

87.98.241.107

200 OK

9.8 kB

URL HTTP/1.1
www.tigerlilypublishing.com/assets/js/adminlte.js?av=229a74bc
IP
87.98.241.107:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (9373)
Size
9.8 kB (9774 bytes)
Hash
add5b3f0900365f3b4240664da17760e
7cbd53bfcf830e7c150d6bb55efcc2832e7543e7
42338bc162a705b04953fc72340216dbefb55cf12ec1a6e7cad04e5e680e26bc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/adminlte.js?av=229a74bc HTTP/1.1
Host: www.tigerlilypublishing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct
Cookie: mwsid=kd41as20it6qkok2c78814a9g8; csrf_token=48926434ea66bcc9e41d60e6272efcc34ffac55as%3A88%3A%22ZmliZU84em1nUVRkTFpxd3lNZFZndUJCRFlwSTBxOFgeVRWaHTfVe1BFVUtKOLDH4RFNAqRRki3F3h0V2vV-Ag%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 03:51:21 GMT
Content-Type: application/javascript
Content-Length: 9774
Last-Modified: Wed, 18 Nov 2020 13:40:58 GMT
Connection: keep-alive
ETag: "5fb5246a-262e"
Accept-Ranges: bytes

www.tigerlilypublishing.com/assets/js/cookie.js?av=229a74bc

87.98.241.107

200 OK

4.9 kB

URL HTTP/1.1
www.tigerlilypublishing.com/assets/js/cookie.js?av=229a74bc
IP
87.98.241.107:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
4.9 kB (4938 bytes)
Hash
449dd3907404cead5d8ba6203b3550dc
c9bb690411c3f46145f8ea137e6783929d8c27aa
3585a42757908ba2ace27f41b01256f6cf4ffb9679f7ac0ff8957817d5ccfde1

HTTP Headers

GET /assets/js/cookie.js?av=229a74bc HTTP/1.1
Host: www.tigerlilypublishing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct
Cookie: mwsid=kd41as20it6qkok2c78814a9g8; csrf_token=48926434ea66bcc9e41d60e6272efcc34ffac55as%3A88%3A%22ZmliZU84em1nUVRkTFpxd3lNZFZndUJCRFlwSTBxOFgeVRWaHTfVe1BFVUtKOLDH4RFNAqRRki3F3h0V2vV-Ag%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 03:51:21 GMT
Content-Type: application/javascript
Content-Length: 4938
Last-Modified: Wed, 18 Nov 2020 13:40:58 GMT
Connection: keep-alive
ETag: "5fb5246a-134a"
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 03:51:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.tigerlilypublishing.com/assets/js/app.js?av=229a74bc

87.98.241.107

200 OK

2.3 kB

URL HTTP/1.1
www.tigerlilypublishing.com/assets/js/app.js?av=229a74bc
IP
87.98.241.107:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
2.3 kB (2294 bytes)
Hash
fce662fe3dd4bd3be35b6c3abec80ff9
f76e098ad417541ef91067c3de79a52a9b19f9c3
81b55a53574a03bf7aa7847d9c12da1a44f2ef01f6ecef5bf5f818426150cd78

HTTP Headers

GET /assets/js/app.js?av=229a74bc HTTP/1.1
Host: www.tigerlilypublishing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct
Cookie: mwsid=kd41as20it6qkok2c78814a9g8; csrf_token=48926434ea66bcc9e41d60e6272efcc34ffac55as%3A88%3A%22ZmliZU84em1nUVRkTFpxd3lNZFZndUJCRFlwSTBxOFgeVRWaHTfVe1BFVUtKOLDH4RFNAqRRki3F3h0V2vV-Ag%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 03:51:21 GMT
Content-Type: application/javascript
Content-Length: 2294
Last-Modified: Wed, 18 Nov 2020 13:41:06 GMT
Connection: keep-alive
ETag: "5fb52472-8f6"
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
2b52ad405720d7d4665f40f842db9e99
c7e9646a8f2d2d8e932b26d231a518647230e308
c1d5aef26522bc5412943bef33f64ed3491d51283b1f740765d775b0ded71330

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6589
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 03:51:21 GMT
Last-Modified: Thu, 29 Sep 2022 02:01:32 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280

www.tigerlilypublishing.com/frontend/assets/js/app.js?av=229a74bc

87.98.241.107

200 OK

469 B

URL HTTP/1.1
www.tigerlilypublishing.com/frontend/assets/js/app.js?av=229a74bc
IP
87.98.241.107:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
469 B (469 bytes)
Hash
5154609f598be8d873ff615d521b6d60
55165af84a2129e8432f1e96326ee686a07392bd
0ad96c8bca01a84d8b932da6e7cb095707bce86f4844acd88925b295a7422f2f

HTTP Headers

GET /frontend/assets/js/app.js?av=229a74bc HTTP/1.1
Host: www.tigerlilypublishing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct
Cookie: mwsid=kd41as20it6qkok2c78814a9g8; csrf_token=48926434ea66bcc9e41d60e6272efcc34ffac55as%3A88%3A%22ZmliZU84em1nUVRkTFpxd3lNZFZndUJCRFlwSTBxOFgeVRWaHTfVe1BFVUtKOLDH4RFNAqRRki3F3h0V2vV-Ag%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 03:51:21 GMT
Content-Type: application/javascript
Content-Length: 469
Last-Modified: Wed, 18 Nov 2020 13:41:06 GMT
Connection: keep-alive
ETag: "5fb52472-1d5"
Accept-Ranges: bytes

www.tigerlilypublishing.com/frontend/assets/cache/9e3578f7/jquery.min.js

87.98.241.107

200 OK

96 kB

URL HTTP/1.1
www.tigerlilypublishing.com/frontend/assets/cache/9e3578f7/jquery.min.js
IP
87.98.241.107:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (32086)
Size
96 kB (95786 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /frontend/assets/cache/9e3578f7/jquery.min.js HTTP/1.1
Host: www.tigerlilypublishing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct
Cookie: mwsid=kd41as20it6qkok2c78814a9g8; csrf_token=48926434ea66bcc9e41d60e6272efcc34ffac55as%3A88%3A%22ZmliZU84em1nUVRkTFpxd3lNZFZndUJCRFlwSTBxOFgeVRWaHTfVe1BFVUtKOLDH4RFNAqRRki3F3h0V2vV-Ag%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 03:51:21 GMT
Content-Type: application/javascript
Content-Length: 95786
Last-Modified: Wed, 02 Dec 2020 22:36:49 GMT
Connection: keep-alive
ETag: "5fc81701-1762a"
Accept-Ranges: bytes

www.tigerlilypublishing.com/assets/css/adminlte.css?av=229a74bc

87.98.241.107

200 OK

211 kB

URL HTTP/1.1
www.tigerlilypublishing.com/assets/css/adminlte.css?av=229a74bc
IP
87.98.241.107:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
211 kB (210932 bytes)
Hash
9a1829f9fa219d5e87e5a4ac18904635
de48ed6eb401ea13dfd2ee53c06b150f8f58ea33
df9f1a7806d4e4e2a65d932cec44bf3f33df345318efea3bad3f7d7b4870286e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/css/adminlte.css?av=229a74bc HTTP/1.1
Host: www.tigerlilypublishing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct
Cookie: mwsid=kd41as20it6qkok2c78814a9g8; csrf_token=48926434ea66bcc9e41d60e6272efcc34ffac55as%3A88%3A%22ZmliZU84em1nUVRkTFpxd3lNZFZndUJCRFlwSTBxOFgeVRWaHTfVe1BFVUtKOLDH4RFNAqRRki3F3h0V2vV-Ag%3D%3D%22%3B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 03:51:21 GMT
Content-Type: text/css
Content-Length: 210932
Last-Modified: Wed, 18 Nov 2020 13:41:06 GMT
Connection: keep-alive
ETag: "5fb52472-337f4"
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 03:51:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb2f3cc13b8ab763c5f346d6fc23054d
1768cc61721a6a6624c1ccbf2c874342f53abd99
3faee940dd222a051862bc2a4e090ecd2cc1f2ead8b1a5c84e10241f31461c5f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 03:51:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 03:51:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Montserrat:300,400,700

216.58.211.10

200 OK

45 kB

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:300,400,700
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type
data
Size
45 kB (45407 bytes)
Hash
edddc2edbec2722f991a9890d8ed0448
8dacc618405ada84ea8406ef3f5cba9f0f02387e
34336559832d0097d486bf76caf1ccd432552ab90262a36e8a39e79b2159226b

HTTP Headers

GET /css?family=Montserrat:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 03:51:21 GMT
date: Thu, 29 Sep 2022 03:51:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.163

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.tigerlilypublishing.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:40:18 GMT
expires: Fri, 22 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 558663
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb2f3cc13b8ab763c5f346d6fc23054d
1768cc61721a6a6624c1ccbf2c874342f53abd99
3faee940dd222a051862bc2a4e090ecd2cc1f2ead8b1a5c84e10241f31461c5f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 03:51:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.tigerlilypublishing.com/favicon.ico

87.98.241.107

200 OK

23 kB

URL HTTP/1.1
www.tigerlilypublishing.com/favicon.ico
IP
87.98.241.107:0
ASN
#16276 OVH SAS

File type
MS Windows icon resource - 5 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 48x48, 32 bits/pixel\012- data
Size
23 kB (22657 bytes)
Hash
aefb4657343c20dd02a508f5de24ba71
6f08557669b81e347a5e2fcfd20d1e6f02dbe04c
ce844da3fee00f7e459e74c446c2a07e1e536c402c272066584e8eb66625de4b

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.tigerlilypublishing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/lists/od5578sob7545/unsubscribe/ya341chg0z757/bx608x8tk650b/unsubscribe-direct
Cookie: mwsid=kd41as20it6qkok2c78814a9g8; csrf_token=48926434ea66bcc9e41d60e6272efcc34ffac55as%3A88%3A%22ZmliZU84em1nUVRkTFpxd3lNZFZndUJCRFlwSTBxOFgeVRWaHTfVe1BFVUtKOLDH4RFNAqRRki3F3h0V2vV-Ag%3D%3D%22%3B
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 03:51:21 GMT
Content-Type: image/x-icon
Content-Length: 22657
Last-Modified: Wed, 02 Dec 2020 22:09:44 GMT
Connection: keep-alive
ETag: "5fc810a8-5881"
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18162
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 03:51:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18162
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 03:51:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18162
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 03:51:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18162
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 03:51:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18162
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 03:51:22 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9688 bytes)
Hash
28799c10f9ea39af55c7003f4254cc60
523da6aeec4cc23897fe01b0bc8b5da254edb3a8
2d1640fbd1f61aee3f2be670b37eb06e20bb265f702a428fadb550a4b51d64ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9688
x-amzn-requestid: 68e9fd78-af17-4a8f-ad4b-6fe563ae94fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4JHF5IAMFSXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9a-603f13d3016d77fa2ca94492;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gIg0vR5I9vnA6Z7MJtTNaXn2TK8YeHWWcJEodiNJ6BEB7z7LUrcV1Q==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:56 GMT
age: 20786
etag: "523da6aeec4cc23897fe01b0bc8b5da254edb3a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14073 bytes)
Hash
11594ce7500d8776bfd5162b17f87d72
72603efba82d649ce5a7a0ca45dc830c0d9ef012
511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dyDhatfeYzzSQpRY7JpOIu3VhjlI8IOWcKCLCBWYaxJ1CYgCxqdQjA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:42 GMT
age: 21700
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8508 bytes)
Hash
515e23ff5ef0fc336ac5ec7fd31dfacd
a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 5568f81c-2f99-44bf-9bd8-f015c604c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMJlzFywoAMFamw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bc8b-1d335c5c536e895a19b5965f;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:28:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2RLqacSoBXtv1i-6fRV9nejJ5tulXVJ-VsKVDvsMqAgPqXKWe_2cJw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:42:49 GMT
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
content-type: image/jpeg
age: 18513
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6362b4f1-5935-43c9-9147-6d019a1ea6cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4235 bytes)
Hash
30471179bd7cdeecea2fa4ea98701aef
2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb
967e070aec3942c64cc6c4cfdc13d430825c9e5c26dbec5bb3d66237d5978dfc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6362b4f1-5935-43c9-9147-6d019a1ea6cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4235
x-amzn-requestid: 60825c64-7743-4b16-b80d-d1195ccb0f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK2nFsDoAMFRwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be90-1898e5d9111db7c843c1ebb4;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C-XC9qsktkENdI6lWZp5RQjeEvrrFMUfBq1mA5dxEjRq5tkfL5Jsxw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:55 GMT
age: 20787
etag: "2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48e2707b-f3b2-4e52-99ae-03c359b698de.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8754 bytes)
Hash
556ea631652cbb77ff38dbe3bbc8c4d1
ba797da9b2d6942161fa02a0e431de4868b84327
130dab67cb6d80c741a7f2dadfd536bd6900204880dc3b68b2afbfa53dd3d781

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48e2707b-f3b2-4e52-99ae-03c359b698de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8754
x-amzn-requestid: 175fc592-ed89-44fb-8cf7-8a4404f59d4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZC5OcHKkIAMFafA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633108c2-2c0c36007bc8bcb56a54e8a1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 02:04:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -AhTOJwgY3-DnA_pYXdBL18wPP_fNeyDmZjkdkQ2J-xrBZSyRcdK3Q==
via: 1.1 71e7943ea0729c284a06faa05a567236.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 19:10:22 GMT
age: 31260
etag: "ba797da9b2d6942161fa02a0e431de4868b84327"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,400,700&av=229a74bc

216.58.211.10

200 OK

5.9 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400,700&av=229a74bc
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type
data
Size
5.9 kB (5906 bytes)
Hash
773d13fbcf3a58ad11a2e7518cf01c79
b9e7ef19926dd1b13f7f0085c6790f1721d7d9f9
9785cb49ad43c99bf77e21dcd709c976b3fd6d5bd91bf3d468cd925ed983dffb

HTTP Headers

GET /css?family=Open+Sans:300,400,700&av=229a74bc HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 03:51:21 GMT
date: Thu, 29 Sep 2022 03:51:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700,900&av=229a74bc

216.58.211.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700,900&av=229a74bc
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:300,400,700,900&av=229a74bc HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 03:51:21 GMT
date: Thu, 29 Sep 2022 03:51:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&av=229a74bc

216.58.211.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&av=229a74bc
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&av=229a74bc HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tigerlilypublishing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 03:51:21 GMT
date: Thu, 29 Sep 2022 03:51:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations