firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 14:12:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _bpxF3yMVL1aLmQSSlxFPPM3_vqT16CQ4Q6AeoixWAcN77g7Bvp_Qg==
Age: 2517
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12285
Expires: Wed, 21 Sep 2022 18:18:44 GMT
Date: Wed, 21 Sep 2022 14:53:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OCPKrA_DX8_VHi2KChpZghVkBs1rljc6CwN588-_0M7sBSs3niSS6w==
age: 37126
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 14:53:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
vchf.link/9of6R3
5.199.173.5302 Found 0 B IP 5.199.173.5:0
ASN #16125 UAB Cherry Servers
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9of6R3 HTTP/1.1
Host: vchf.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.10.3
Date: Wed, 21 Sep 2022 14:53:59 GMT
Content-Length: 0
location: https://malbertoccept.com/aae79570-9822-4c25-911c-b3b8282f8e1c
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 14:03:22 GMT
Expires: Wed, 21 Sep 2022 14:42:15 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: biJHLq2LfMhc__J8TSOSrUt49PkWdIIMzCvXW4QXMeGxKXhAJvK6BQ==
Age: 3037
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5771
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:54:00 GMT
Last-Modified: Wed, 21 Sep 2022 13:17:49 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 087bc5512f78a49ad7b30449d5d23bbb
4956858545e6de413ba02a7c652f28f824a3850e
cfe4db2d478e3380b29ff06363bdf880644a21415a9847e3d5407770144a6308
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE4DB2D478E3380B29FF06363BDF880644A21415A9847E3D5407770144A6308"
Last-Modified: Wed, 21 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 21 Sep 2022 20:54:00 GMT
Date: Wed, 21 Sep 2022 14:54:00 GMT
Connection: keep-alive
malbertoccept.com/aae79570-9822-4c25-911c-b3b8282f8e1c
18.197.36.77302 Found 0 B URL HTTP/2 malbertoccept.com/aae79570-9822-4c25-911c-b3b8282f8e1c
IP 18.197.36.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aae79570-9822-4c25-911c-b3b8282f8e1c HTTP/1.1
Host: malbertoccept.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 14:54:00 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
pragma: no-cache
set-cookie: aae79570-9822-4c25-911c-b3b8282f8e1c-v4=fN1RWqMV8GJeZuXCMC6-Mv2Oq5uPJUpzRNO3LNGdNSA; Max-Age=86400; Expires=Thu, 22-Sep-2022 14:54:00 GMT; Domain=malbertoccept.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=5YS8CH2bRp39Ek7z0PI3SHvoTqisxUlKd4HqduJNAodFZTE8XftoF8mNrhVuSqfRidmaVh3Hsn4763edNhm6jVPM7pAt0TLd70zHCjk-NDolcsy8VgqhmFfOQ5R4H8cyiGwYQD0krwV5SsKsrXkURhsTQyzAnXhbPdsLFyvRV7UysYuLNqg3MnHnSpkp_5EKpsXSvr40vj4vNm60qSSa5cJWtp36KNCT0Eqy9yhI7wmtXZC-txKufaYKqebCqE04-uBtUDo_6UpPR-US0VaaWPXkhksbCYl0_WsET4K61QleOYwEnlzy6IqeZqQaThnm2_qWnWn19XbgKUuDaEo1W3HrhBvIdkewyRz0NzGGInU; Max-Age=86400; Expires=Thu, 22-Sep-2022 14:54:00 GMT; Domain=malbertoccept.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.13.69.101101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.69.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rGuqkCaGsxTfysF+ttGONw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: g9wokQDvIhyQbvZfFxx3tnGsNnw=
tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
212.8.249.22200 OK 9.6 kB URL HTTP/1.1 tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 51dc3e0354134953075c475125b2732e
160be243c8206af5d23d472b68e76124db74e4c9
94f44865099ec6a001083db2fe4a0c51f03d478974d2413af3d0220e9e4d6cb8
GET /?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052 HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
tracking-shipment.cc/ca/trackcafex/css/styles.css
212.8.249.22200 OK 35 kB URL HTTP/1.1 tracking-shipment.cc/ca/trackcafex/css/styles.css
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
Hash ad7b6a23236d1d9014c116c96a59025f
12b8501f7eb578d548883271a8f09da24f1fb7cd
757ac0bb6d5f2d2be145a5293259e1dc119bf4339b6281c36639eb920a695d38
GET /ca/trackcafex/css/styles.css HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:46:02 GMT
Accept-Ranges: bytes
Content-Length: 34724
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tracking-shipment.cc/ca/trackcafex/js/init.js?v2
212.8.249.22200 OK 29 kB URL HTTP/1.1 tracking-shipment.cc/ca/trackcafex/js/init.js?v2
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
Hash f242321ef45d54e5e31542146fd502e3
d81b1f95b180b4d3d22fd874d3eebf7d2aed1a93
956ec6736214b41dd5638dbc45d019699fd9337cffc703fd6985089978e8dcac
Analyzer Verdict Alert fortinet Phishing
GET /ca/trackcafex/js/init.js?v2 HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:54:29 GMT
Accept-Ranges: bytes
Content-Length: 29108
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 087bc5512f78a49ad7b30449d5d23bbb
4956858545e6de413ba02a7c652f28f824a3850e
cfe4db2d478e3380b29ff06363bdf880644a21415a9847e3d5407770144a6308
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE4DB2D478E3380B29FF06363BDF880644A21415A9847E3D5407770144A6308"
Last-Modified: Wed, 21 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 21 Sep 2022 20:54:00 GMT
Date: Wed, 21 Sep 2022 14:54:00 GMT
Connection: keep-alive
tracking-shipment.cc/ca/trackcafex/js/svg4everybody.min.js
212.8.249.22200 OK 1.9 kB URL HTTP/1.1 tracking-shipment.cc/ca/trackcafex/js/svg4everybody.min.js
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
File type ASCII text, with very long lines (1896), with no line terminators
Hash c0a356327ff54be031c7376e8a59c4a1
ce3bde5061f3c42bf66a53d4bd8ab8be90a3f4ad
9137b33ceb0e8b966c5942abeff0ff11670e36afe176b73480fc24e7f214632d
Analyzer Verdict Alert fortinet Phishing
GET /ca/trackcafex/js/svg4everybody.min.js HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:46:04 GMT
Accept-Ranges: bytes
Content-Length: 1896
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
tracking-shipment.cc/ca/trackcafex/js/crypto.js
212.8.249.22200 OK 13 kB URL HTTP/1.1 tracking-shipment.cc/ca/trackcafex/js/crypto.js
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
File type ASCII text, with very long lines (548)
Hash e8b570edd18a8c4167f2e11af5c49d60
98b1c7bd3b60b943c8fd80ddc07b0a50ae72c35d
796e6b2c8b43e3418f634e049376bf264fa5db0ba476ca688495d50d8f868af3
Analyzer Verdict Alert fortinet Phishing
GET /ca/trackcafex/js/crypto.js HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:46:06 GMT
Accept-Ranges: bytes
Content-Length: 13219
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
tracking-shipment.cc/ca/trackcafex/js/script.js
212.8.249.22200 OK 39 B URL HTTP/1.1 tracking-shipment.cc/ca/trackcafex/js/script.js
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
Hash 553eb3119e6cc3ebdb0939a4b0d8d854
5348ff6fcc802de8a5ba8fd529b2d9f48abddac7
573094a2773fac0a059c260c543623e749647af6887e915a265fc4bb84aa63bf
Analyzer Verdict Alert fortinet Phishing
GET /ca/trackcafex/js/script.js HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:46:05 GMT
Accept-Ranges: bytes
Content-Length: 39
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
tracking-shipment.cc/ca/trackcafex/js/language.js
212.8.249.22200 OK 23 kB URL HTTP/1.1 tracking-shipment.cc/ca/trackcafex/js/language.js
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
Hash 69ca76f3291db76a98ff7622ec13c033
3f7ebe5c5d6fea671c31fa360157a55caf7ccc32
180b8626c86fcc89ddad39c3cc08efe9d3d3bf2ac785c916a226db61bae7fe47
Analyzer Verdict Alert fortinet Phishing
GET /ca/trackcafex/js/language.js HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:46:07 GMT
Accept-Ranges: bytes
Content-Length: 22618
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
malbertoccept.com/hp
18.197.36.77200 OK 382 B IP 18.197.36.77:0
File type ASCII text, with very long lines (381)
Hash 10263a40a9d604e06e31e20f0b213918
524c7e3d46f4c3b19319ff3315ba6adfafd5eb3b
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee
GET /hp HTTP/1.1
Host: malbertoccept.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 14:54:00 GMT
content-length: 382
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-G2K1PSJT7Y
142.250.74.72200 OK 74 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-G2K1PSJT7Y
IP 142.250.74.72:0
File type ASCII text, with very long lines (17807)
Hash a928e3c8ceb4ae08191d2fcf5b7274ef
aa5edd34cb153b765dd3171a70ccea85a6f90ba2
ad0a49f4ded8feb73816ee9b84b54f7080242eb4083c7764be333c88fb84ffcc
GET /gtag/js?id=G-G2K1PSJT7Y HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 14:54:00 GMT
expires: Wed, 21 Sep 2022 14:54:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74494
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tracking-shipment.cc/ca/trackcafex/js/lib/modernizr.js
212.8.249.22200 OK 51 kB URL HTTP/1.1 tracking-shipment.cc/ca/trackcafex/js/lib/modernizr.js
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
File type HTML document text\012- HTML document, ASCII text
Hash 25aa7744dc61160062c1e27dc5e83141
f5447890d36160123d54cb29bf74a5572891a5b0
c7792303c21b31f34ad465f616d340d7d15d77ff875ba6eabba151feed124d9f
Analyzer Verdict Alert fortinet Phishing
GET /ca/trackcafex/js/lib/modernizr.js HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:46:09 GMT
Accept-Ranges: bytes
Content-Length: 51354
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
tracking-shipment.cc/ca/trackcafex/js/lib/jquery-3.3.1.min.js
212.8.249.22200 OK 87 kB URL HTTP/1.1 tracking-shipment.cc/ca/trackcafex/js/lib/jquery-3.3.1.min.js
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Analyzer Verdict Alert fortinet Phishing
GET /ca/trackcafex/js/lib/jquery-3.3.1.min.js HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:46:09 GMT
Accept-Ranges: bytes
Content-Length: 86927
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tracking-shipment.cc/ca/trackcafex/images/foot-icon03.svg
212.8.249.22200 OK 3.9 kB URL HTTP/1.1 tracking-shipment.cc/ca/trackcafex/images/foot-icon03.svg
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3866), with no line terminators
Hash 82ee42c1e4a5255901f9a5a5e58c48c3
011ac9ea192f5bcfcabd58616850d02c3fdfa0cc
3263bb41c37e93568aa88421e753f4247c809c3dc7b8e21c701c966d16eee5b0
Analyzer Verdict Alert fortinet Phishing
GET /ca/trackcafex/images/foot-icon03.svg HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:46:03 GMT
Accept-Ranges: bytes
Content-Length: 3866
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
tracking-shipment.cc/ca/trackcafex/images/foot-icon02.svg
212.8.249.22200 OK 4.3 kB URL HTTP/1.1 tracking-shipment.cc/ca/trackcafex/images/foot-icon02.svg
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (4280), with no line terminators
Hash ddf623c02c4c098d62169da873b2966f
7099624f72080f850e7b1866e3b7b0e916e2d0d6
00b79e96e2324306f897649364907340e7d6ed2199bd7cd928cc2bec37d7c287
Analyzer Verdict Alert fortinet Phishing
GET /ca/trackcafex/images/foot-icon02.svg HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:46:03 GMT
Accept-Ranges: bytes
Content-Length: 4280
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
tracking-shipment.cc/ca/trackcafex/images/icon-box.svg
212.8.249.22200 OK 1.2 kB URL HTTP/1.1 tracking-shipment.cc/ca/trackcafex/images/icon-box.svg
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1182), with no line terminators
Hash 6201ab0217306b232e0119fc48d36c98
3f6b572d725765e6ec8d95e2f9268638b418a5e0
62f7ef6281d5e0db3f14298ca3707ee3a9f61d1ee85ac5fa5dade011eafb32e9
Analyzer Verdict Alert fortinet Phishing
GET /ca/trackcafex/images/icon-box.svg HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:46:02 GMT
Accept-Ranges: bytes
Content-Length: 1182
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
tracking-shipment.cc/ca/trackcafex/images/package-it.png
212.8.249.22200 OK 7.6 kB URL HTTP/1.1 tracking-shipment.cc/ca/trackcafex/images/package-it.png
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
File type PNG image data, 1298 x 1298, 1-bit colormap, non-interlaced\012- data
Hash 271dbafac47cd5d8305f2e93a23144f4
2a69ed892038924cced3cc49709ceadf36366d3d
1788f27c3cb8019bd045b01581c048e5aa522e45c98e59894faa42a9386963b7
GET /ca/trackcafex/images/package-it.png HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:46:01 GMT
Accept-Ranges: bytes
Content-Length: 7576
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
tracking-shipment.cc/ca/trackcafex/images/foot-icon01.svg
212.8.249.22200 OK 8.0 kB URL HTTP/1.1 tracking-shipment.cc/ca/trackcafex/images/foot-icon01.svg
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7997), with no line terminators
Hash d357ba98471cbbb54d1e67aa15492653
6ec2a13749eebcee7a5e0c0e8da6fd9a05cd935d
72b5508eefd5a9c85c53de4e82c9e8821dea88160cddd36d31644506c1cbfa13
Analyzer Verdict Alert fortinet Phishing
GET /ca/trackcafex/images/foot-icon01.svg HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:46:03 GMT
Accept-Ranges: bytes
Content-Length: 7997
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
tracking-shipment.cc/ca/trackcafex/images/tntlogo.jpg
212.8.249.22200 OK 23 kB URL HTTP/1.1 tracking-shipment.cc/ca/trackcafex/images/tntlogo.jpg
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x350, components 3\012- data
Hash 4206918c2087d7f6781d83d0671bd227
740cb96cc89ea2a35706894b119b36ffe6b37249
1e66e9f687ae4854ad4e1188cb1e03de1eb4d62274876f92739321db44b7a050
GET /ca/trackcafex/images/tntlogo.jpg HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2022 16:46:04 GMT
Accept-Ranges: bytes
Content-Length: 23118
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tracking-shipment.cc
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:32:09 GMT
expires: Thu, 14 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 588111
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.163200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tracking-shipment.cc
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:30:58 GMT
expires: Thu, 14 Sep 2023 19:30:58 GMT
cache-control: public, max-age=31536000
age: 588182
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tracking-shipment.cc/favicon.ico
212.8.249.22404 Not Found 315 B URL HTTP/1.1 tracking-shipment.cc/favicon.ico
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /favicon.ico HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
tracking-shipment.cc/icons/icons.svg
212.8.249.22404 Not Found 315 B URL HTTP/1.1 tracking-shipment.cc/icons/icons.svg
IP 212.8.249.22:0
ASN #49981 WorldStream B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /icons/icons.svg HTTP/1.1
Host: tracking-shipment.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/?txid=U2FsdGVkX1/RpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU=&cep=VL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk&lptoken=162659b762047636985b&cep=UJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs&lptoken=168f6360771838824052
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 21 Sep 2022 14:54:00 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.163200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tracking-shipment.cc
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:30:59 GMT
expires: Thu, 14 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 588181
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.163200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tracking-shipment.cc
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:30:59 GMT
expires: Thu, 14 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 588181
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-G2K1PSJT7Y>m=2oe9j0&_p=1269793177&cid=828388841.1663772041&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663772040&sct=1&seg=0&dl=https%3A%2F%2Ftracking-shipment.cc%2F%3Ftxid%3DU2FsdGVkX1%2FRpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU%3D%26cep%3DVL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk%26lptoken%3D162659b762047636985b%26cep%3DUJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs%26lptoken%3D168f6360771838824052&dt=&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-G2K1PSJT7Y>m=2oe9j0&_p=1269793177&cid=828388841.1663772041&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663772040&sct=1&seg=0&dl=https%3A%2F%2Ftracking-shipment.cc%2F%3Ftxid%3DU2FsdGVkX1%2FRpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU%3D%26cep%3DVL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk%26lptoken%3D162659b762047636985b%26cep%3DUJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs%26lptoken%3D168f6360771838824052&dt=&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-G2K1PSJT7Y>m=2oe9j0&_p=1269793177&cid=828388841.1663772041&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663772040&sct=1&seg=0&dl=https%3A%2F%2Ftracking-shipment.cc%2F%3Ftxid%3DU2FsdGVkX1%2FRpbKes9bSIEyjhf2MpYFbZGmbfyyZUwU%3D%26cep%3DVL0fSTcOQ1qfGsrEgu7MGkD94kvaUalEZ2VfLm6Jlw0r8FERuIEy1BgkKeWhhAtmbHqu_rQsd-OYr77mp9gNZFTqlRK_U0tue9xhnO5VqAtmYOPPQfHkUo5ZCqkUExUB26-3YzjC7GkH3Ee0sdWUDBTExVSIBAtCzaYUKgd9PUrephF5gzAbzOt8cdS6B-N0cLAcGL0R5kNkhyWDEWpB0CUYCPNwDG7Dgy5dffAujN9Qo8hxE2Xdtr1Ifq0L3rjcFyu0zpU3Xc4-ZMfv_uuT_wKIquLXke_GpMgCog31y8WOhwqABCs_cNeGp5ksW-h3QefzKFGVLpWxLrGbhjK20Vi60m3rurfFdw2y3H677vk%26lptoken%3D162659b762047636985b%26cep%3DUJ2ZKTeBSfJxZTMO4vWCWXTG5EGkf7C4YgQGD7bM0x-7-Gw761JMQ0RRBN8DRJrN4oAbeWfg0vc506kGWLOx2fagHpspFJfex_NAkvZ3v7Aqk7lJFJB1ZxDJA4hYIKEF6ApdRBrRu0rfZtoH-r41Rro1yZU0Yt6TSckpVFi6VV9KhgsZrLza2TqI6srSVRbcEP7WWY9z2zsyWwLrv5XNFmZOTcu6bCS90sf_c9qBDc5q2HmduDxnmX-Jp9pu0d9SGQPkdf75DYRCAUvIh-0edahT43rtnpQuWmfmXOmy1qVS0PXEZhzWBMGX7CJmGwCsj4iIecNm9QYeyvLYA5srwi4GgkEcdNq5Xw-MqHDRUMs%26lptoken%3D168f6360771838824052&dt=&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tracking-shipment.cc
Connection: keep-alive
Referer: https://tracking-shipment.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://tracking-shipment.cc
date: Wed, 21 Sep 2022 14:54:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2626
Expires: Wed, 21 Sep 2022 15:37:47 GMT
Date: Wed, 21 Sep 2022 14:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2626
Expires: Wed, 21 Sep 2022 15:37:47 GMT
Date: Wed, 21 Sep 2022 14:54:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bae3a7a80ff40df1d701dfc925ddeff
91df60162a8322469cada0dd8eb93619f28aec1a
fab10c7ad4658bc191621d9f2042236a7b6e34448ce5215dde5b8d6a64b52952
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6897
x-amzn-requestid: 280a2e44-c21a-4d78-991b-3328e816d045
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwWSpE0SoAMFaxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63299daa-55cb53491be78c4d5bed0462;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 11:02:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eNkM22Xu--qgJdsrH-UrTG5-Ie4nAsyLjiMaJ5ZKIz0bbw7cYrvFjw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 02:18:26 GMT
age: 45335
etag: "91df60162a8322469cada0dd8eb93619f28aec1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hDCOWNm2vFa9h7BffUJwcwZ6i27jM2qBuSTasH9q_wsQ9oNWhVpQCg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:47:24 GMT
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
age: 61597
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:09:43 GMT
age: 60258
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2db94039cb675cb250519fe57b2b3c9
37222a70df5d9a69073b4b32ebc3a5da60006001
444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12048
x-amzn-requestid: d9bd4ac9-5032-45d5-9689-c5c3347912d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO2wuFz4oAMFZug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3804-6fb7d6a52eecab471f67d9a9;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:08:52 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sfGk3C3HLGDYDSXw1d4R7wPRsGdHNKD31chUVzQ8KYBRnsIL0aOW1g==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:17 GMT
age: 61964
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 61843
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e3MMA-NVstIsR7M9_JGH05i1e8pK17RsjyERrSMlC3uoHsWw_7ABtA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 09:10:01 GMT
age: 20640
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap
IP 142.250.74.10:0
GET /css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tracking-shipment.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 14:54:00 GMT
date: Wed, 21 Sep 2022 14:54:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2