Report - swappauto.staging.lcsolutions.it/ndcs.pni/login.php?session

Report Overview

Submitted URL
swappauto.staging.lcsolutions.it/ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51...
IP
128.199.38.52
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2022-10-11 07:55:59
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	7.1 kB	23.36.76.226
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	42 kB	104.17.25.14
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	430 B	4.3 kB	151.101.85.229
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	430 B	19 kB	142.250.74.10
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	18.164.68.6
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.214.236.46
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	53 kB	34.120.237.76
swappauto.staging.lcsolutions.it	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	1.2 MB	128.199.38.52
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	1.9 kB	104.18.20.226
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	994 B	36 kB	216.58.207.195

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-11	medium	swappauto.staging.lcsolutions.it/login	Phishing
2022-10-11	medium	swappauto.staging.lcsolutions.it/assets/js/custom.js	Malware
2022-10-11	medium	swappauto.staging.lcsolutions.it/assets/js/app.min.js	Malware
2022-10-11	medium	swappauto.staging.lcsolutions.it/assets/js/vendor.min.js	Malware
2022-10-11	medium	swappauto.staging.lcsolutions.it/images/auth-bg.jpg?4e8d1bcb8749fb163af9de0151cc6fed	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	swappauto.staging.lcsolutions.it/assets/js/app.min.js	9.0 kB	2023-03-07	2024-04-13
Pretty URL swappauto.staging.lcsolutions.it/assets/js/app.min.js IP 128.199.38.52 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:50 Last Seen2024-04-13 11:06:50 Times Seen51 Hash da57dd32113013c6690373f5ad6efc23 a2f2ed500178c6b95f390f92af63d2c53d5a2d5d 77c5ea962fe05d20e92f81c51ffc9e83727968b35807d08d4308915a48dc1a66 Loading...

	swappauto.staging.lcsolutions.it/assets/js/vendor.min.js	595 kB	2023-03-07	2024-04-13
Pretty URL swappauto.staging.lcsolutions.it/assets/js/vendor.min.js IP 128.199.38.52 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:50 Last Seen2024-04-13 11:06:50 Times Seen52 Hash 86ac6995577bd9f7a3ac4208a29f091a 81c97551e11c15c0e208607d2feda909e82e568f 54b997ff7c38a053429e99c7aa3a6d1a88536298d892e846746049c8a1207bd7 Loading...

	swappauto.staging.lcsolutions.it/assets/js/custom.js	1.7 kB	2023-03-07	2024-04-13
Pretty URL swappauto.staging.lcsolutions.it/assets/js/custom.js IP 128.199.38.52 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:50 Last Seen2024-04-13 11:06:50 Times Seen51 Hash e0c4385bb7a11df134206e8b07137de0 9b4b7deb9c44f5e2569a7dca4626842f15a95824 1ec124e44f6191a2bad073f2981571a781c416850e36b2b68d189fae82a74de8 Loading...

	swappauto.staging.lcsolutions.it/login	1.0 kB	2023-03-07	2023-11-28
Pretty URL swappauto.staging.lcsolutions.it/login IP 128.199.38.52 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:50 Last Seen2023-11-28 08:28:09 Times Seen3 Hash 65cdedb4d49ce4c4c7c68fa68c1b7d09 d7067b4eb9154eb2b42db61fbde5e808bf52d814 2421e66fb02b83231846b1e6ebd7465ae9adf1219248d330c35b8e4fc01c4a4b Loading...

	cdnjs.cloudflare.com/ajax/libs/moment.js/2.8.4/moment.min.js	34 kB	2023-03-07	2024-04-13
Pretty URL cdnjs.cloudflare.com/ajax/libs/moment.js/2.8.4/moment.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:50 Last Seen2024-04-13 11:06:50 Times Seen136 Hash 89f87298ad94aa1e6b92f42eb66da043 d8c0a049a5431416c60f152386dd6f3beaabbba4 b8559046a798fb7e60a22975d8cc0be190c63702654a7074d7e3f0b2ac4bd51a Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.js	28 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:50 Last Seen2024-04-25 15:51:25 Times Seen622 Hash 7cb6c13bd7fe931f3d0321a83267941c bdacca6dc640c5ab14653119b26379547a71a174 d14cf552496ba4036ec2a27b334679e2388e13f199c25a76101482eac970ea3f Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 18:59:10 Times Seen37070497 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.jsdelivr.net/npm/gasparesganga-jquery-loading-overlay@2.1.7/dist/loadingoverlay.min.js	12 kB	2023-03-07	2024-04-13
Pretty URL cdn.jsdelivr.net/npm/gasparesganga-jquery-loading-overlay@2.1.7/dist/loadingoverlay.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:50 Last Seen2024-04-13 11:06:50 Times Seen205 Hash 026f2e71bca5cc6a5761dd6b29fb79c9 1eee60fd47ffdaf553e9f7efb70a9da73818064c 8cb16ff6222b21ba8a50b1e9aa9fe399e3c3aa2f7cf6929739c3a1b77ce045cc Loading...

HTTP Transactions (50)

URL IP Response Size

swappauto.staging.lcsolutions.it/ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51...

128.199.38.52

301 Moved Permanently

296 B

URL HTTP/1.1
swappauto.staging.lcsolutions.it/ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51...
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
296 B (296 bytes)
Hash
c74a5e0a10bd9f5802fabc2bba9b7915
0929537f37b55f9ef8cc2719de6a931acb2a5b7e
08aba42801b1fbc7d954b2f0a694450ad581bf6b48d3afb6ff80409a7943f3e1

HTTP Headers

GET /ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51... HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 11 Oct 2022 07:55:48 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Location: https://swappauto.staging.lcsolutions.it/ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51...
Content-Length: 296
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ef6d323da0ad155f526b4a57c2e46ccc
71686b19b3ca049b9b66f8740284c552a3f61a20
99e2f56075a08f133a9d1d0122ab9ef2d9eaa61e18f46994e52e21a8a53203f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99E2F56075A08F133A9D1D0122AB9EF2D9EAA61E18F46994E52E21A8A53203F3"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10995
Expires: Tue, 11 Oct 2022 10:59:03 GMT
Date: Tue, 11 Oct 2022 07:55:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3d0ffae9abfdf558a6286013a0201c8b
2dc8ea0000a1b0c0f849611fdd73429bca51bfad
8e19eab9b6d16819f9ef3920971542cbcf5dd18280617e2de1a3827f0c149398

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E19EAB9B6D16819F9EF3920971542CBCF5DD18280617E2DE1A3827F0C149398"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15872
Expires: Tue, 11 Oct 2022 12:20:20 GMT
Date: Tue, 11 Oct 2022 07:55:48 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

18.164.68.6

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.164.68.6:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1aac651ec250c598683dd17ca2002c07
11595ac82e017f95190c2a36dc77323a3fedcbfc
93fa640d042452ae8455d026e30e3b4594c13d4be65f3552a4b5edae027c02f9

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Content-Length, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 11 Oct 2022 07:08:20 GMT
Expires: Tue, 11 Oct 2022 07:29:24 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 fd0213744bc3f0c3b6436f635fb80a6c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: dy6p6PChIzMwePOiy9q-ZncaUiHVmy_3jSMnM1dIF6ZVexuFkCIGeg==
Age: 2848

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 14mnb85jt7ANVckTQB0HXGUzrJfwcnjxDYq3Gazj5Ys1AgSz14w++8YVYGnYxyFjO3sBJin95Lc=
x-amz-request-id: 2N7ZPNHEFGKD2FR8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 11 Oct 2022 07:00:45 GMT
age: 3303
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 11 Oct 2022 07:55:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
faeb226bde7a8e781de0835dc65a77dd
a904312e3deb02b6cc0332a6193ea16ed4630ebe
07d931efdbc733b48232203f67f659f6623259d390830a86cbc92eebc4da508a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "07D931EFDBC733B48232203F67F659F6623259D390830A86CBC92EEBC4DA508A"
Last-Modified: Tue, 11 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 11 Oct 2022 13:55:49 GMT
Date: Tue, 11 Oct 2022 07:55:49 GMT
Connection: keep-alive

swappauto.staging.lcsolutions.it/ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51...

128.199.38.52

302 Found

430 B

URL HTTP/1.1
swappauto.staging.lcsolutions.it/ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51...
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
430 B (430 bytes)
Hash
8ecf23bf15844662855c55791c0d90f3
c99052f1f2bd2964269b4f3d244d909944212635
0905f5a9af6791b0dcc79f4704119fb12898448664f53367feca92399675e534

HTTP Headers

GET /ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51... HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Date: Tue, 11 Oct 2022 07:55:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
X-Powered-By: PHP/7.4.20
Cache-Control: no-cache, private
Location: https://swappauto.staging.lcsolutions.it/login
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjJRaThZaFJqWlQvZGxBbFZwWGZsTFE9PSIsInZhbHVlIjoiaFU4bWttNFFvSGJhU2N4VVhKQWJydWdOcmg5ODFmZFBKNHg3a253TmNSYURGM29zVWFZNE4vM0hmTkQ3dVJpOCIsIm1hYyI6IjgyMWNiODdmOTM5OTk2ZmI2NmE2MzNlNjY1NGUzNmJhMGY4ZDZkZjhiZDI4YTZlMTBhYTgzZTZjYTk3ZjViMDMifQ%3D%3D; expires=Wed, 19-Oct-2022 15:55:49 GMT; Max-Age=720000; path=/; samesite=lax
swappauto_session=eyJpdiI6IjZuYXJuQ0ZwaDVic3pobi9uWVBzVWc9PSIsInZhbHVlIjoiR3JuUHBCTFpjL3JtVjNZN0ptTjRrNTBiY2tXSU1rcjJiSlZEN1lMWERVdE1qb3MrakZ0alE2ZWwyYlZCMU44eCIsIm1hYyI6IjZiMzZlZTI0YTEzNjIzMzdkOWI2M2JlMWU1ZTk1MGZjYzkzNzc3ZDM3NmRlNDM1ODMwOWNlZWFhZGFmMmY0NzgifQ%3D%3D; expires=Wed, 19-Oct-2022 15:55:49 GMT; Max-Age=720000; path=/; httponly; samesite=lax
Content-Length: 430
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.164.68.6

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.164.68.6:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Tue, 11 Oct 2022 07:41:44 GMT
Cache-Control: max-age=3600
Expires: Tue, 11 Oct 2022 08:38:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dec2a929e38abcba29053b59369dd9c4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: TLfc5_3frvAIdxnKK4lnSekrkAs_3Gol0ODGzNno9nG9Ua7QDrpKlw==
Age: 852

swappauto.staging.lcsolutions.it/login

128.199.38.52

200 OK

9.2 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/login
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
9.2 kB (9174 bytes)
Hash
a8fc417014a6ed9ab2efeb301a1ad0ed
ac52aa6c2adac913e2f3e186cfe664d9d515064a
85eadbf9e80da3f2f6bf4e7311f01c7af049174494ab10c6f8c41d960da676d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /login HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJRaThZaFJqWlQvZGxBbFZwWGZsTFE9PSIsInZhbHVlIjoiaFU4bWttNFFvSGJhU2N4VVhKQWJydWdOcmg5ODFmZFBKNHg3a253TmNSYURGM29zVWFZNE4vM0hmTkQ3dVJpOCIsIm1hYyI6IjgyMWNiODdmOTM5OTk2ZmI2NmE2MzNlNjY1NGUzNmJhMGY4ZDZkZjhiZDI4YTZlMTBhYTgzZTZjYTk3ZjViMDMifQ%3D%3D; swappauto_session=eyJpdiI6IjZuYXJuQ0ZwaDVic3pobi9uWVBzVWc9PSIsInZhbHVlIjoiR3JuUHBCTFpjL3JtVjNZN0ptTjRrNTBiY2tXSU1rcjJiSlZEN1lMWERVdE1qb3MrakZ0alE2ZWwyYlZCMU44eCIsIm1hYyI6IjZiMzZlZTI0YTEzNjIzMzdkOWI2M2JlMWU1ZTk1MGZjYzkzNzc3ZDM3NmRlNDM1ODMwOWNlZWFhZGFmMmY0NzgifQ%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 07:55:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
X-Powered-By: PHP/7.4.20
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6Ii9PbCs0MGRXUHdaTnhjWGV6OTRUQ0E9PSIsInZhbHVlIjoiQjBnMy9vbkZZN21LNitvWENrWnkvZXFLUy9jNDhjek1xQjZwNnpGMzl4ZXYvUGlQSEN3cDArYksydDJ5bjJnSSIsIm1hYyI6IjI3N2Y4OTg0ZDRjMzRkZGRiY2YzZTRhODE3MzZkMjZjYTY0ZmJiMTkyOGQ3MzdjNjEzODAyMTA4ZmFkNGNkMTAifQ%3D%3D; expires=Wed, 19-Oct-2022 15:55:49 GMT; Max-Age=720000; path=/; samesite=lax
swappauto_session=eyJpdiI6InlWbnVZamRFMzBHQkR0MGhIUWJwM2c9PSIsInZhbHVlIjoiTVo2WFBLNTg2Nk1FTWJKNmtDUlA2NVRWM0pCNm90VzZYT2JDVEwzbUFQOHNIQW5LR3Z5RzZCWnViZjJ2VGNLMyIsIm1hYyI6ImM3ZmU1NWYxZTgzNThmYTkyODFkYmNiOTQ5MWQ3NDBjMDE0NmY0ODRjY2ZlZDhjYTE1NGJhZDVlYWFhNjNkZDgifQ%3D%3D; expires=Wed, 19-Oct-2022 15:55:49 GMT; Max-Age=720000; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.css

104.17.25.14

200 OK

2.9 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (22251)
Size
2.9 kB (2884 bytes)
Hash
c95836475d24dd21df887fd9775bd278
d2bc2d6ecba53190a2a1e38cdf846894dfd07471
ba23f357f2043203399507f85be70057566103b77f2ab757eff8cb0d86286857

HTTP Headers

GET /ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 11 Oct 2022 07:55:49 GMT
content-type: text/css; charset=utf-8
content-length: 2884
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-580a"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2817869
expires: Sun, 01 Oct 2023 07:55:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRhX4K9iSyzx%2ByihswxChrGD8I1PDkI1Hi1v6zFYV59APafdvUvGjKR7DMJh4QqqRhZ1yB9dHtyQe6ojMuZRWXzsTlQy3f3zTTGWaqC4g6%2BlUONelkDt36B535kRJN7KlVnlQCT2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 758609226fadb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/moment.js/2.8.4/moment.min.js

104.17.25.14

200 OK

11 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/moment.js/2.8.4/moment.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32049)
Size
11 kB (10559 bytes)
Hash
59c564c62d3b9eabdb8d57df2efd1dab
cbe0dfa31901b825a33afa6a1cc294a098ef5118
70f4a330320cf383edbf4ee9ae5c5f0670ad7fefb34b298e59cd249bc9391224

HTTP Headers

GET /ajax/libs/moment.js/2.8.4/moment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 11 Oct 2022 07:55:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 10559
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-83f7"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2280906
expires: Sun, 01 Oct 2023 07:55:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6Np3dLgPY%2BY4D3R9xUqhpWkCxvLZJnPDVkFSj4u041WbZfqpo5NTAQLDYhla57zYEXVfg0mNwg%2BSWMfCDRAqoz4aino2J6i1OB7lztUXrwxrR0l0k6DTr80EDZQsWcGM%2B2TDuWv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 758609229fe7b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.js

104.17.25.14

200 OK

6.4 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27605)
Size
6.4 kB (6362 bytes)
Hash
605ded73021977319ac6e0ec73d764c9
b3c3248ea835fb413836d6adb30732a762c9e87d
bd656cd4a6496fb09dc41b1773c060564d4c521b458a4c435b7e18ce1ec97503

HTTP Headers

GET /ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 11 Oct 2022 07:55:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 6362
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-6cf8"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10921221
expires: Sun, 01 Oct 2023 07:55:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tn0xvk3b5CgAbhbtYK%2BpaK2%2BKsH%2BwP1jZ6U3oS6X%2FVpS7cLdkwA2mYbkY3EY0eeeFNtVkxFFqocq9ClDD93Yu%2Ff2WgKdQMvd7cT7h2ODbAjxv3WqtTrCL2f%2B8Zzr91rDuenWDTAY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75860922affdb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/select2/4.0.1/js/select2.min.js

104.17.25.14

200 OK

15 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/select2/4.0.1/js/select2.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (32082)
Size
15 kB (15274 bytes)
Hash
e1764cd1f9fdb2d05a2bf72394157137
d5f310b35b1793b3961358834f7f90f8bae5d1c1
ba98e7891e8682e0af023536d5864565b59d08710c46033837f35f57a9749c3e

HTTP Headers

GET /ajax/libs/select2/4.0.1/js/select2.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 11 Oct 2022 07:55:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 15274
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-fd75"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10761970
expires: Sun, 01 Oct 2023 07:55:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOR4heHmTP1gsHu%2BRbD%2ByE8ro%2FgrMtKoxm72pY8OgIb6zbqexfIdeaCbmbytQezs5AZlOI3U05ZWqAMItU9dRCTMJzxenCOh%2BQ%2FOaR0iQ1vBs%2BiD1dzXmKcAuXkAryT6myGZEtNI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75860922b80ab500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/select2/4.0.1/css/select2.min.css

104.17.25.14

200 OK

1.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/select2/4.0.1/css/select2.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15089)
Size
1.6 kB (1613 bytes)
Hash
0a6ea1077e31fbe5384e2e000487d9cb
75955b385b3629ceb4515503483c3bd09cbf1bbb
1d4ba8cf978784c2b761105722f2003388b50f671bc9157ed01fa6658b2732ba

HTTP Headers

GET /ajax/libs/select2/4.0.1/css/select2.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 11 Oct 2022 07:55:49 GMT
content-type: text/css; charset=utf-8
content-length: 1613
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-3af2"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10918957
expires: Sun, 01 Oct 2023 07:55:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIeTuoC8ZwTmK4VkQrebZ5ebqkAUbO%2FsSvztynPMYQOaTzZWUeTBOMdzafnWVdu84Ig9on6X%2B9yhhrP38O5j5X523%2FqabPQkjxQoDqWMimr7Po9pssr0Ka6V5mi7YJEkVqlrsNv7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75860922c812b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

swappauto.staging.lcsolutions.it/assets/css/bootstrap.min.css

128.199.38.52

200 OK

199 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/assets/css/bootstrap.min.css
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (566)
Size
199 kB (199019 bytes)
Hash
5933ffdc52503eddaefcd3f24149853a
9bfc8976a71aa423581533384448139721fc7e55
eef7aec6e71a9cf5af9a8d4dfb1399eaba0d772e16da3d69c8703b911c906959

HTTP Headers

GET /assets/css/bootstrap.min.css HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6Ii9PbCs0MGRXUHdaTnhjWGV6OTRUQ0E9PSIsInZhbHVlIjoiQjBnMy9vbkZZN21LNitvWENrWnkvZXFLUy9jNDhjek1xQjZwNnpGMzl4ZXYvUGlQSEN3cDArYksydDJ5bjJnSSIsIm1hYyI6IjI3N2Y4OTg0ZDRjMzRkZGRiY2YzZTRhODE3MzZkMjZjYTY0ZmJiMTkyOGQ3MzdjNjEzODAyMTA4ZmFkNGNkMTAifQ%3D%3D; swappauto_session=eyJpdiI6InlWbnVZamRFMzBHQkR0MGhIUWJwM2c9PSIsInZhbHVlIjoiTVo2WFBLNTg2Nk1FTWJKNmtDUlA2NVRWM0pCNm90VzZYT2JDVEwzbUFQOHNIQW5LR3Z5RzZCWnViZjJ2VGNLMyIsIm1hYyI6ImM3ZmU1NWYxZTgzNThmYTkyODFkYmNiOTQ5MWQ3NDBjMDE0NmY0ODRjY2ZlZDhjYTE1NGJhZDVlYWFhNjNkZDgifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 07:55:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "3096b-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 199019
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d545bc725dcd5d6f1dfc10a8b35aeb3a
82d92587953dac8a05d691730b8318719328de6b
9d1e6f1bf4b1c138d9e07e67264cb9ac5090a1c338ff72c87e1758e187cccb24

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1882
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 07:55:49 GMT
Last-Modified: Tue, 11 Oct 2022 07:24:27 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

cdn.jsdelivr.net/npm/gasparesganga-jquery-loading-overlay@2.1.7/dist/loadingoverlay.min.js

151.101.85.229

200 OK

3.6 kB

URL HTTP/2
cdn.jsdelivr.net/npm/gasparesganga-jquery-loading-overlay@2.1.7/dist/loadingoverlay.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (11601), with CRLF line terminators
Size
3.6 kB (3559 bytes)
Hash
8aad0f59b2229529376bb289e7dfdab0
6dea75506601cff6b99b31259b9775c391229eb9
33b68d453241e81706e15fd418af3005a5e3d538ac65db0771fba233d733a8be

HTTP Headers

GET /npm/gasparesganga-jquery-loading-overlay@2.1.7/dist/loadingoverlay.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.1.7
x-jsd-version-type: version
etag: W/"2f04-Hu5g/Uf/2vVT6ffvtwqdpzgYBkw"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 11 Oct 2022 07:55:49 GMT
age: 1242407
x-served-by: cache-fra19174-FRA, cache-bma1655-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3559
X-Firefox-Spdy: h2

swappauto.staging.lcsolutions.it/assets/js/custom.js

128.199.38.52

200 OK

1.7 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/assets/js/custom.js
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
Unicode text, UTF-8 text
Size
1.7 kB (1679 bytes)
Hash
e0c4385bb7a11df134206e8b07137de0
9b4b7deb9c44f5e2569a7dca4626842f15a95824
1ec124e44f6191a2bad073f2981571a781c416850e36b2b68d189fae82a74de8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/custom.js HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6Ii9PbCs0MGRXUHdaTnhjWGV6OTRUQ0E9PSIsInZhbHVlIjoiQjBnMy9vbkZZN21LNitvWENrWnkvZXFLUy9jNDhjek1xQjZwNnpGMzl4ZXYvUGlQSEN3cDArYksydDJ5bjJnSSIsIm1hYyI6IjI3N2Y4OTg0ZDRjMzRkZGRiY2YzZTRhODE3MzZkMjZjYTY0ZmJiMTkyOGQ3MzdjNjEzODAyMTA4ZmFkNGNkMTAifQ%3D%3D; swappauto_session=eyJpdiI6InlWbnVZamRFMzBHQkR0MGhIUWJwM2c9PSIsInZhbHVlIjoiTVo2WFBLNTg2Nk1FTWJKNmtDUlA2NVRWM0pCNm90VzZYT2JDVEwzbUFQOHNIQW5LR3Z5RzZCWnViZjJ2VGNLMyIsIm1hYyI6ImM3ZmU1NWYxZTgzNThmYTkyODFkYmNiOTQ5MWQ3NDBjMDE0NmY0ODRjY2ZlZDhjYTE1NGJhZDVlYWFhNjNkZDgifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 07:55:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "68f-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 1679
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

swappauto.staging.lcsolutions.it/assets/js/app.min.js

128.199.38.52

200 OK

9.0 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/assets/js/app.min.js
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
9.0 kB (8980 bytes)
Hash
da57dd32113013c6690373f5ad6efc23
a2f2ed500178c6b95f390f92af63d2c53d5a2d5d
77c5ea962fe05d20e92f81c51ffc9e83727968b35807d08d4308915a48dc1a66

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/app.min.js HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6Ii9PbCs0MGRXUHdaTnhjWGV6OTRUQ0E9PSIsInZhbHVlIjoiQjBnMy9vbkZZN21LNitvWENrWnkvZXFLUy9jNDhjek1xQjZwNnpGMzl4ZXYvUGlQSEN3cDArYksydDJ5bjJnSSIsIm1hYyI6IjI3N2Y4OTg0ZDRjMzRkZGRiY2YzZTRhODE3MzZkMjZjYTY0ZmJiMTkyOGQ3MzdjNjEzODAyMTA4ZmFkNGNkMTAifQ%3D%3D; swappauto_session=eyJpdiI6InlWbnVZamRFMzBHQkR0MGhIUWJwM2c9PSIsInZhbHVlIjoiTVo2WFBLNTg2Nk1FTWJKNmtDUlA2NVRWM0pCNm90VzZYT2JDVEwzbUFQOHNIQW5LR3Z5RzZCWnViZjJ2VGNLMyIsIm1hYyI6ImM3ZmU1NWYxZTgzNThmYTkyODFkYmNiOTQ5MWQ3NDBjMDE0NmY0ODRjY2ZlZDhjYTE1NGJhZDVlYWFhNjNkZDgifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 07:55:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "2314-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 8980
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

swappauto.staging.lcsolutions.it/css/custom.css

128.199.38.52

200 OK

366 B

URL HTTP/1.1
swappauto.staging.lcsolutions.it/css/custom.css
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
366 B (366 bytes)
Hash
d117acedc2fca10742c496681f510311
aa66ba504983bcee0e63286ec703e5d539ab6ef3
c1b4999b8d045fb59b0740046b0f514fd0a04eb797d1029c1d9b725120ae773d

HTTP Headers

GET /css/custom.css HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6Ii9PbCs0MGRXUHdaTnhjWGV6OTRUQ0E9PSIsInZhbHVlIjoiQjBnMy9vbkZZN21LNitvWENrWnkvZXFLUy9jNDhjek1xQjZwNnpGMzl4ZXYvUGlQSEN3cDArYksydDJ5bjJnSSIsIm1hYyI6IjI3N2Y4OTg0ZDRjMzRkZGRiY2YzZTRhODE3MzZkMjZjYTY0ZmJiMTkyOGQ3MzdjNjEzODAyMTA4ZmFkNGNkMTAifQ%3D%3D; swappauto_session=eyJpdiI6InlWbnVZamRFMzBHQkR0MGhIUWJwM2c9PSIsInZhbHVlIjoiTVo2WFBLNTg2Nk1FTWJKNmtDUlA2NVRWM0pCNm90VzZYT2JDVEwzbUFQOHNIQW5LR3Z5RzZCWnViZjJ2VGNLMyIsIm1hYyI6ImM3ZmU1NWYxZTgzNThmYTkyODFkYmNiOTQ5MWQ3NDBjMDE0NmY0ODRjY2ZlZDhjYTE1NGJhZDVlYWFhNjNkZDgifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 07:55:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "16e-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 366
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

swappauto.staging.lcsolutions.it/assets/css/icons.min.css

128.199.38.52

200 OK

71 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/assets/css/icons.min.css
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
Unicode text, UTF-8 text, with very long lines (391)
Size
71 kB (71066 bytes)
Hash
c6f89cd5fe6024ca889ced1dbde94d6d
ecdb7bf19fa109c4403de11a0b494210f2cc52ac
10a59236d1ed5f775c089be201525aa8ca0db9697fb95e22fb811a1daddb3ab4

HTTP Headers

GET /assets/css/icons.min.css HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6Ii9PbCs0MGRXUHdaTnhjWGV6OTRUQ0E9PSIsInZhbHVlIjoiQjBnMy9vbkZZN21LNitvWENrWnkvZXFLUy9jNDhjek1xQjZwNnpGMzl4ZXYvUGlQSEN3cDArYksydDJ5bjJnSSIsIm1hYyI6IjI3N2Y4OTg0ZDRjMzRkZGRiY2YzZTRhODE3MzZkMjZjYTY0ZmJiMTkyOGQ3MzdjNjEzODAyMTA4ZmFkNGNkMTAifQ%3D%3D; swappauto_session=eyJpdiI6InlWbnVZamRFMzBHQkR0MGhIUWJwM2c9PSIsInZhbHVlIjoiTVo2WFBLNTg2Nk1FTWJKNmtDUlA2NVRWM0pCNm90VzZYT2JDVEwzbUFQOHNIQW5LR3Z5RzZCWnViZjJ2VGNLMyIsIm1hYyI6ImM3ZmU1NWYxZTgzNThmYTkyODFkYmNiOTQ5MWQ3NDBjMDE0NmY0ODRjY2ZlZDhjYTE1NGJhZDVlYWFhNjNkZDgifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 07:55:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "1159a-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 71066
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
65e1eab7a85b3c614165561576034b8b
2f414191c851f2468b60fdb8469e89be3e52448b
a36c33cec8ef3dc081b8718b36ac17cbae9adcd6430624994900c9994ce90b84

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 07:55:49 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "E6F39856BA6B714BB0A0B940F67C91D64B4A0B10"
Expires: Tue, 11 Oct 2022 18:00:00 GMT
Last-Modified: Tue, 11 Oct 2022 06:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2620
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758609235bfc1c0e-OSL

swappauto.staging.lcsolutions.it/assets/css/app.min.css

128.199.38.52

200 OK

73 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/assets/css/app.min.css
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
73 kB (72658 bytes)
Hash
c724250f9f7717cc088e36cf63acf321
5104064891b890fca7cd34e52755c8a4b7daac2a
425f9b7a4666374341c244c677a3593ca47da84d7d11d868b88b2f783376595b

HTTP Headers

GET /assets/css/app.min.css HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6Ii9PbCs0MGRXUHdaTnhjWGV6OTRUQ0E9PSIsInZhbHVlIjoiQjBnMy9vbkZZN21LNitvWENrWnkvZXFLUy9jNDhjek1xQjZwNnpGMzl4ZXYvUGlQSEN3cDArYksydDJ5bjJnSSIsIm1hYyI6IjI3N2Y4OTg0ZDRjMzRkZGRiY2YzZTRhODE3MzZkMjZjYTY0ZmJiMTkyOGQ3MzdjNjEzODAyMTA4ZmFkNGNkMTAifQ%3D%3D; swappauto_session=eyJpdiI6InlWbnVZamRFMzBHQkR0MGhIUWJwM2c9PSIsInZhbHVlIjoiTVo2WFBLNTg2Nk1FTWJKNmtDUlA2NVRWM0pCNm90VzZYT2JDVEwzbUFQOHNIQW5LR3Z5RzZCWnViZjJ2VGNLMyIsIm1hYyI6ImM3ZmU1NWYxZTgzNThmYTkyODFkYmNiOTQ5MWQ3NDBjMDE0NmY0ODRjY2ZlZDhjYTE1NGJhZDVlYWFhNjNkZDgifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 07:55:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "11bd2-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 72658
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

swappauto.staging.lcsolutions.it/assets/images/logo.png

128.199.38.52

200 OK

31 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/assets/images/logo.png
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 500 x 494, 8-bit/color RGBA, non-interlaced\012- data
Size
31 kB (31407 bytes)
Hash
ca8b1a3af41121f5f49c3beaeebe5982
d4fe07926e8b7ab76cf4ea02a4b89ced2c569edc
ad28d53b5cc9e0d61743f4d80c6f37753cfeea10220c72ff2c82e27ca3dcd2fd

HTTP Headers

GET /assets/images/logo.png HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6Ii9PbCs0MGRXUHdaTnhjWGV6OTRUQ0E9PSIsInZhbHVlIjoiQjBnMy9vbkZZN21LNitvWENrWnkvZXFLUy9jNDhjek1xQjZwNnpGMzl4ZXYvUGlQSEN3cDArYksydDJ5bjJnSSIsIm1hYyI6IjI3N2Y4OTg0ZDRjMzRkZGRiY2YzZTRhODE3MzZkMjZjYTY0ZmJiMTkyOGQ3MzdjNjEzODAyMTA4ZmFkNGNkMTAifQ%3D%3D; swappauto_session=eyJpdiI6InlWbnVZamRFMzBHQkR0MGhIUWJwM2c9PSIsInZhbHVlIjoiTVo2WFBLNTg2Nk1FTWJKNmtDUlA2NVRWM0pCNm90VzZYT2JDVEwzbUFQOHNIQW5LR3Z5RzZCWnViZjJ2VGNLMyIsIm1hYyI6ImM3ZmU1NWYxZTgzNThmYTkyODFkYmNiOTQ5MWQ3NDBjMDE0NmY0ODRjY2ZlZDhjYTE1NGJhZDVlYWFhNjNkZDgifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 07:55:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "7aaf-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 31407
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
582b9d37a9e3e9b109753b5649cd8fd8
5891b7dc89e563b938a0cf773e0d3b6d860a6b81
d47a95bffee9458afaaa4ce85e192d98ad9b63d7ecb26d1459905769c2858679

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 07:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

swappauto.staging.lcsolutions.it/assets/js/vendor.min.js

128.199.38.52

200 OK

595 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/assets/js/vendor.min.js
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
595 kB (594780 bytes)
Hash
86ac6995577bd9f7a3ac4208a29f091a
81c97551e11c15c0e208607d2feda909e82e568f
54b997ff7c38a053429e99c7aa3a6d1a88536298d892e846746049c8a1207bd7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/vendor.min.js HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6Ii9PbCs0MGRXUHdaTnhjWGV6OTRUQ0E9PSIsInZhbHVlIjoiQjBnMy9vbkZZN21LNitvWENrWnkvZXFLUy9jNDhjek1xQjZwNnpGMzl4ZXYvUGlQSEN3cDArYksydDJ5bjJnSSIsIm1hYyI6IjI3N2Y4OTg0ZDRjMzRkZGRiY2YzZTRhODE3MzZkMjZjYTY0ZmJiMTkyOGQ3MzdjNjEzODAyMTA4ZmFkNGNkMTAifQ%3D%3D; swappauto_session=eyJpdiI6InlWbnVZamRFMzBHQkR0MGhIUWJwM2c9PSIsInZhbHVlIjoiTVo2WFBLNTg2Nk1FTWJKNmtDUlA2NVRWM0pCNm90VzZYT2JDVEwzbUFQOHNIQW5LR3Z5RzZCWnViZjJ2VGNLMyIsIm1hYyI6ImM3ZmU1NWYxZTgzNThmYTkyODFkYmNiOTQ5MWQ3NDBjMDE0NmY0ODRjY2ZlZDhjYTE1NGJhZDVlYWFhNjNkZDgifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 07:55:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "9135c-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 594780
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

push.services.mozilla.com/

34.214.236.46

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.214.236.46:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tm8f54/lo/PHxEGV++YgIw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8m4bzsSHBBqu11SpzkgMuQ3lbTQ=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
582b9d37a9e3e9b109753b5649cd8fd8
5891b7dc89e563b938a0cf773e0d3b6d860a6b81
d47a95bffee9458afaaa4ce85e192d98ad9b63d7ecb26d1459905769c2858679

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 07:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

swappauto.staging.lcsolutions.it/images/auth-bg.jpg?4e8d1bcb8749fb163af9de0151cc6fed

128.199.38.52

200 OK

233 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/images/auth-bg.jpg?4e8d1bcb8749fb163af9de0151cc6fed
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.10], baseline, precision 8, 2000x3000, components 3\012- data
Size
233 kB (233075 bytes)
Hash
3a07778ed82f7d0fba5493bfc60f5af1
4d4f46423df7be2603288b3d37947e122dbd10a9
4f3a2c5ef66fb5e46bf982e0737ddeb7de330e77790e7ecffe76a3f71f433efa

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /images/auth-bg.jpg?4e8d1bcb8749fb163af9de0151cc6fed HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/assets/css/app.min.css
Cookie: XSRF-TOKEN=eyJpdiI6Ii9PbCs0MGRXUHdaTnhjWGV6OTRUQ0E9PSIsInZhbHVlIjoiQjBnMy9vbkZZN21LNitvWENrWnkvZXFLUy9jNDhjek1xQjZwNnpGMzl4ZXYvUGlQSEN3cDArYksydDJ5bjJnSSIsIm1hYyI6IjI3N2Y4OTg0ZDRjMzRkZGRiY2YzZTRhODE3MzZkMjZjYTY0ZmJiMTkyOGQ3MzdjNjEzODAyMTA4ZmFkNGNkMTAifQ%3D%3D; swappauto_session=eyJpdiI6InlWbnVZamRFMzBHQkR0MGhIUWJwM2c9PSIsInZhbHVlIjoiTVo2WFBLNTg2Nk1FTWJKNmtDUlA2NVRWM0pCNm90VzZYT2JDVEwzbUFQOHNIQW5LR3Z5RzZCWnViZjJ2VGNLMyIsIm1hYyI6ImM3ZmU1NWYxZTgzNThmYTkyODFkYmNiOTQ5MWQ3NDBjMDE0NmY0ODRjY2ZlZDhjYTE1NGJhZDVlYWFhNjNkZDgifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 07:55:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "38e73-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 233075
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 07:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 07:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 07:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16980, version 1.0\012- data
Size
17 kB (16980 bytes)
Hash
8a97f720d330e75ccdbda9ae0e9f5e90
8e4fee916581ab48d385187705667cebc7500afe
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

HTTP Headers

GET /s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://swappauto.staging.lcsolutions.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 10 Oct 2022 21:08:03 GMT
expires: Tue, 10 Oct 2023 21:08:03 GMT
cache-control: public, max-age=31536000
age: 38866
last-modified: Mon, 09 May 2022 18:33:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,900&display=swap

142.250.74.10

200 OK

18 kB

URL HTTP/2
fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
18 kB (17827 bytes)
Hash
8e3a4d88f880d08efbc6e13061e3cc93
9eada0d3b482e9572d70e4327ac84cdafad41ecb
51b58dd7c6d150778c3e7a293b73b7abe49577fb4e21bcc293d91b71e7e1bc6d

HTTP Headers

GET /css?family=Nunito+Sans:300,400,600,700,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 11 Oct 2022 07:55:49 GMT
date: Tue, 11 Oct 2022 07:55:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8-BM5tU1E.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8-BM5tU1E.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17364, version 1.0\012- data
Size
17 kB (17364 bytes)
Hash
a8c24ee1c2db8b27eaec48b3d85b6e5a
ef3332a6231b4ad7777a0e6d01251f4bc32044e2
00dd63b0ca2fb12eb12eef7af3f543b085cb1e94d1a861b484865c973b75e93e

HTTP Headers

GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8-BM5tU1E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://swappauto.staging.lcsolutions.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17364
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 10 Oct 2022 21:25:21 GMT
expires: Tue, 10 Oct 2023 21:25:21 GMT
cache-control: public, max-age=31536000
age: 37828
last-modified: Mon, 09 May 2022 18:32:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 07:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

swappauto.staging.lcsolutions.it/assets/images/favicon.ico

128.199.38.52

200 OK

9.7 kB

URL HTTP/1.1
swappauto.staging.lcsolutions.it/assets/images/favicon.ico
IP
128.199.38.52:0
ASN
#14061 DIGITALOCEAN-ASN

File type
MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel\012- data
Size
9.7 kB (9662 bytes)
Hash
23284715084f7fee0c5ee4625ad332e1
3655d51cb444a5e33e1e8811ba6c516f46c40c8d
6930646976f63a4e5dfa27e4b57647004e0a9366523657f157486c660c24c02c

HTTP Headers

GET /assets/images/favicon.ico HTTP/1.1
Host: swappauto.staging.lcsolutions.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6Ii9PbCs0MGRXUHdaTnhjWGV6OTRUQ0E9PSIsInZhbHVlIjoiQjBnMy9vbkZZN21LNitvWENrWnkvZXFLUy9jNDhjek1xQjZwNnpGMzl4ZXYvUGlQSEN3cDArYksydDJ5bjJnSSIsIm1hYyI6IjI3N2Y4OTg0ZDRjMzRkZGRiY2YzZTRhODE3MzZkMjZjYTY0ZmJiMTkyOGQ3MzdjNjEzODAyMTA4ZmFkNGNkMTAifQ%3D%3D; swappauto_session=eyJpdiI6InlWbnVZamRFMzBHQkR0MGhIUWJwM2c9PSIsInZhbHVlIjoiTVo2WFBLNTg2Nk1FTWJKNmtDUlA2NVRWM0pCNm90VzZYT2JDVEwzbUFQOHNIQW5LR3Z5RzZCWnViZjJ2VGNLMyIsIm1hYyI6ImM3ZmU1NWYxZTgzNThmYTkyODFkYmNiOTQ5MWQ3NDBjMDE0NmY0ODRjY2ZlZDhjYTE1NGJhZDVlYWFhNjNkZDgifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 07:55:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "25be-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 9662
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12635
Expires: Tue, 11 Oct 2022 11:26:25 GMT
Date: Tue, 11 Oct 2022 07:55:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12635
Expires: Tue, 11 Oct 2022 11:26:25 GMT
Date: Tue, 11 Oct 2022 07:55:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12635
Expires: Tue, 11 Oct 2022 11:26:25 GMT
Date: Tue, 11 Oct 2022 07:55:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12635
Expires: Tue, 11 Oct 2022 11:26:25 GMT
Date: Tue, 11 Oct 2022 07:55:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12635
Expires: Tue, 11 Oct 2022 11:26:25 GMT
Date: Tue, 11 Oct 2022 07:55:50 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1f22c3-33a7-4f40-9b8b-96764c81e8d4.jpeg

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1f22c3-33a7-4f40-9b8b-96764c81e8d4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5205 bytes)
Hash
30456d487c35886b1856909aafd25955
2a49a0b04e6763475e5cbb4d10c0c1a55f5b6506
f66c17dc9b78564a6f2d340ea95113cfae08c2bc1e2e0013b7fcc535bd37c198

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1f22c3-33a7-4f40-9b8b-96764c81e8d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5205
x-amzn-requestid: a855373d-076a-444d-b20e-123f3e085082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZubqSHINoAMF_qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6342730e-7cb791452232e9dd60c70560;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 07:06:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kE4kg-fVpc6z0kDU_9mwfZBa9-KNuMdWi2lgjZK_-w1vImI0kTUXAQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 13:37:03 GMT
age: 65927
etag: "2a49a0b04e6763475e5cbb4d10c0c1a55f5b6506"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7abfd93d-a205-46fc-a450-d0de2182b1c7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10736 bytes)
Hash
7c510a5010677fcfa9ee8065c0abc894
5f2cf2a511760f5fd16d5c14a48a1aff185830e0
a07018792c7eb661bfddde47d26d728298c90314e52c96228a91c7d1978fedc6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7abfd93d-a205-46fc-a450-d0de2182b1c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10736
x-amzn-requestid: fb2bd595-cff6-4278-95cb-f42939d91f17
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zzt85Fd9IAMFQeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63449052-326c047f01d742353e1891c8;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:36:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: u5XxBwVbvOux8Bv_DgbsHjE5KcQE5gy_F2mXDNFfgPxmTfsfwCQS7Q==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 21:59:42 GMT
etag: "5f2cf2a511760f5fd16d5c14a48a1aff185830e0"
content-type: image/jpeg
age: 35768
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0524849b-0616-46fe-9940-c4934dc5fba0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5926 bytes)
Hash
013a1c2ceea4c7055b2d8d5272e68e07
db90a35ecc3262efe4bf8ad7aca5f92e2e13e0d0
94c614b3414f27f0d9dfe5c4ebd6b1745431a5e8d221ca7b85e8b63cf911e72b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0524849b-0616-46fe-9940-c4934dc5fba0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5926
x-amzn-requestid: a9cb9682-9f41-467c-8ab2-c95461ada103
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZkE9uF_8IAMFzlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e4ebe-3c42cb491380d48712eeb124;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 03:42:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6w-da6Syc4GfDhfFOLwILxMuqu-RAjnbOalupvTu_Hzds5pNp97sEw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 22:00:21 GMT
age: 35729
etag: "db90a35ecc3262efe4bf8ad7aca5f92e2e13e0d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19424b7e-63c8-4f4a-ad93-ef6cb886a50f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5184 bytes)
Hash
a038cab69baa881794ca6712d38fb838
dfad15b64839ef9b304f7c919a36c4e66cfd46b6
26fc7247d679fe9f5b583abd33e3b56857b003facbb3b22b7d38b5d859a8c423

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19424b7e-63c8-4f4a-ad93-ef6cb886a50f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5184
x-amzn-requestid: 4051eb09-2dd2-4e38-8077-8bb8ac919aa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zj_dQG9VIAMFYTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e45ee-549cfdff0ead4dce44a3e546;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 03:05:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mKygWi_g37uFV_B4qM2c_ZbVyXuqMWdTAO-pJQ5Gytz7vQ09B0CbvA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 11:02:58 GMT
age: 75172
etag: "dfad15b64839ef9b304f7c919a36c4e66cfd46b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33b0daac-7759-4c24-876e-0081209775ee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5986 bytes)
Hash
bbb9ff33a7a2e6ce3960c9c90b9606be
9a7c7f0f1a0fce0c7cdf7b842c6b0e23793a9b7c
8e937db0d312a1f0667038ab6cb5ff49eb22d1c7f5addfe9ed9f1988481476af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33b0daac-7759-4c24-876e-0081209775ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5986
x-amzn-requestid: c5a80a04-65d8-4949-8a74-fde444516732
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZxttuEUdIAMF4mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6343c324-47150b855f93b773337cfa4e;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 07:00:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RmWrbes3UmN46NlzE8SXSauQmuJZV9ApjuplqgmQI3xSHI7075HfQQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 04:07:51 GMT
age: 13679
etag: "9a7c7f0f1a0fce0c7cdf7b842c6b0e23793a9b7c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F647e8146-dad8-449f-a0ea-efe8d7b14e99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5957 bytes)
Hash
6943f4735bdb3eaf396cd0edbd101dae
3be209d8b74abe0d12033cf6149da04eb9e1a116
7578a8981216adc59909baf4e41ef4044d5a592e6dc7f80f4fa8f5f1cc1b282f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F647e8146-dad8-449f-a0ea-efe8d7b14e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5957
x-amzn-requestid: e0f7c754-77bd-402d-9a94-424632468a2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zt6HoGFvoAMFoHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63423d63-32c98bad73afd14a4ee28593;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 03:17:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Pq_yqwFfzr5QIsZKy1h6qtbDul9dGXzapXaLy9NOhGRMgLNxSnj6vQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 03:39:45 GMT
age: 15365
etag: "3be209d8b74abe0d12033cf6149da04eb9e1a116"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ea1c33c-766b-4b55-98a5-0a22380c61ce.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6645 bytes)
Hash
1a8720e1bfd92ce7ccfeb8ab6ca2477a
1277a8a73b2fbf48562a7f767c3219d836b1faa9
61cfaa0a0338ae710735fab66822d8227adeb6a8bc4035686fae4a4de6247f1e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ea1c33c-766b-4b55-98a5-0a22380c61ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6645
x-amzn-requestid: 6e75c182-93bc-4339-a679-b069f78a397c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZzuQ0H3qoAMFi5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634490d1-4e134a93174cbf3559bea75c;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:38:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2T5ArGyU86KvuyKtp_G0XC9MaZQWS2luBYlIKcQRWNeeUjqcmQgMSA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 21:42:38 GMT
age: 36799
etag: "1277a8a73b2fbf48562a7f767c3219d836b1faa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (50)

URL HTTP/1.1