Report - www.locabrowser.com/caches/2023-03-28-bnnzx4TUtI.html

Report Overview

Submitted URL
www.locabrowser.com/caches/2023-03-28-bnnzx4TUtI.html
IP
172.67.132.22
ASN
#13335 CLOUDFLARENET
Submitted
2023-03-29 03:02:56
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.locabrowser.com	unknown	2012-11-06T01:29:23Z	2023-03-28T23:34:31Z	866 B	1.7 kB	172.67.132.22
nishassalons.com	unknown	2014-12-06T04:49:18Z	2023-03-20T05:15:13Z	703 B	718 B	50.87.147.16
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-29T07:56:22Z	448 B	945 B	104.18.10.207
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-29T05:20:03Z	374 B	31 kB	69.16.175.10
i.imgur.com	5110	2012-05-21T10:09:36Z	2023-03-29T06:01:33Z	794 B	18 kB	151.101.244.193
use.fontawesome.com	942	2017-01-30T05:43:25Z	2023-03-29T05:19:40Z	936 B	76 kB	172.64.133.15
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	35.162.110.205
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	3.0 kB	8.0 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	58 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-03-28	medium	www.locabrowser.com/caches/2023-03-28-bnnzx4TUtI.html	Office365
2023-03-28	medium	www.locabrowser.com/caches/2023-03-28-bnnzx4TUtI.html	Office365

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-29	medium	nishassalons.com/wp-includes/js/tinymce/themes/moderndata:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAeklEQVR4nO3UMQqAMBBE0QUL7+F5LOxyxlSewTvZj/10Q8AI/gfbBpb8pAoAPklt08j4eft5aGSKBRo3IBJK8IgNv1CKhAwJpUjIkFCKhGYnBPzd0m+NjJ+na9XIFAt0bkAklOARG36hFAkZEkqRkCGhFAnNTggA6g0PsZwml5fu+o4AAAAASUVORK5CYII=	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.6.1.min.js	90 kB	2023-03-07	2024-04-24
Pretty URL code.jquery.com/jquery-3.6.1.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:27 Last Seen2024-04-24 06:24:59 Times Seen22995 Hash 00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74 Loading...

	www.locabrowser.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-24
Pretty URL www.locabrowser.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-24 07:23:47 Times Seen54770 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	www.locabrowser.com/caches/2023-03-28-bnnzx4TUtI.html	3.6 kB	2023-03-29	2023-03-29
Pretty URL www.locabrowser.com/caches/2023-03-28-bnnzx4TUtI.html IP 172.67.132.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:42:07 Last Seen2023-03-29 23:42:07 Times Seen1 Hash 8fc2bb9e3fca1ca7495efa905b1f47c9 192a1eaf4d8a0684cf611fa26d574a43de7f34e3 2d48c3299acd64990680ae6d70c7d86aee953a563e3ef4f1ba7f57f7b0dfa193 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 16838f69c3dcb95920f1a99b5d29b623	3.8 kB	2023-03-29	2023-04-27
Pretty Observations First Seen2023-03-29 23:42:07 Last Seen2023-04-27 09:15:35 Times Seen2 Hash 16838f69c3dcb95920f1a99b5d29b623 ad22d366756c6a964310c959e1e617ec8ca636e1 323d2d139b40926d3be92ccce94aa8e159e8739b7e7ba8921205920cb6896eae Loading...

HTTP Transactions (29)

URL IP Response Size

www.locabrowser.com/caches/2023-03-28-bnnzx4TUtI.html

172.67.132.22

301 Moved Permanently

0 B

URL HTTP/1.1
www.locabrowser.com/caches/2023-03-28-bnnzx4TUtI.html
IP
172.67.132.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Office365

HTTP Headers

GET /caches/2023-03-28-bnnzx4TUtI.html HTTP/1.1
Host: www.locabrowser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 29 Mar 2023 03:02:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 29 Mar 2023 04:02:45 GMT
Location: https://www.locabrowser.com/caches/2023-03-28-bnnzx4TUtI.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFotO7lMvjwH7hHI%2BFBQ0K6HLAOZfatsY3r0OotrDdYdqK%2FW2vbvoCqxsTqHsBtX6FK4zQdVjLgbTaG06j1wPjw6KaF2DdCq9XvbGYwIwTTmIiFcVZ%2Fa6FXg1W3q9qPmCz5%2Fid0G"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7af4e0370dbdb529-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7036
Expires: Wed, 29 Mar 2023 05:00:01 GMT
Date: Wed, 29 Mar 2023 03:02:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4951
Expires: Wed, 29 Mar 2023 04:25:16 GMT
Date: Wed, 29 Mar 2023 03:02:45 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 02:28:08 GMT
content-type: application/json
age: 2077
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6164
Expires: Wed, 29 Mar 2023 04:45:29 GMT
Date: Wed, 29 Mar 2023 03:02:45 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: IxYMZHQ5R2My8ZbM6PLR4tpTYpmCTUiICBpmH8FALCxIJ5jfIlvs3yRdmdmhc/gSpEnueP0fyvc=
x-amz-request-id: G0GVC7QDD9YS3YBS
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 02:56:28 GMT
age: 377
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 03:02:45 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.1.min.js

69.16.175.10

200 OK

31 kB

URL HTTP/2
code.jquery.com/jquery-3.6.1.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65447)
Size
31 kB (30957 bytes)
Hash
2c8fb5f779970f005faea6e0f60c7e85
c9b676abdb36ea6ccf133eb7641236a7f53dd815
d14d28eea362f345cb56e1ae1244737768d80bc60dea930f308bde89dfa0c0f1

HTTP Headers

GET /jquery-3.6.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.locabrowser.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 29 Mar 2023 03:02:46 GMT
content-encoding: gzip
content-length: 30957
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
accept-ranges: bytes
server: nginx
etag: W/"63090485-15e40"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1680058966.dop224.sk1.t,1680058966.cds255.sk1.hn,1680058966.cds206.sk1.c
X-Firefox-Spdy: h2

i.imgur.com/S4iamjZ.png

151.101.244.193

200 OK

2.1 kB

URL HTTP/2
i.imgur.com/S4iamjZ.png
IP
151.101.244.193:0
ASN
#54113 FASTLY

File type
PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2106 bytes)
Hash
bbd1dc4a78b346ecd55ba60f5a19361e
208a8ba0c79aae03c5b30bb0ec3f5ee3763b8a6b
38885465c8c4a78dd8e36b7625b053f581134f5b7bf1e647f2a21dd639963b4c

HTTP Headers

GET /S4iamjZ.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.locabrowser.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 08 Feb 2023 21:22:49 GMT
etag: "bbd1dc4a78b346ecd55ba60f5a19361e"
x-amz-server-side-encryption: AES256
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 29 Mar 2023 03:02:46 GMT
age: 2331138
x-served-by: cache-iad-kiad7000154-IAD, cache-hel1410025-HEL
x-cache: HIT, HIT
x-cache-hits: 116, 1
x-timer: S1680058966.368357,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 2106
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da5340ee69a1000f751686df9e716663
a5da880a61ed119790a7990bbdcc0c97eecf04f2
d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7401
Expires: Wed, 29 Mar 2023 05:06:07 GMT
Date: Wed, 29 Mar 2023 03:02:46 GMT
Connection: keep-alive

i.imgur.com/SyO5Weq.jpg

151.101.244.193

200 OK

15 kB

URL HTTP/2
i.imgur.com/SyO5Weq.jpg
IP
151.101.244.193:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
15 kB (14816 bytes)
Hash
74ed54be49899f8f9b46e6b09af92df0
db9a84feb8900add663868a11eedd26a2c8beadd
cd02716aefd411689e481090941748a4bf0f6d8335ca99166f6cc5873f8d4899

HTTP Headers

GET /SyO5Weq.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.locabrowser.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 12 Feb 2022 10:08:37 GMT
etag: "74ed54be49899f8f9b46e6b09af92df0"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 29 Mar 2023 03:02:46 GMT
age: 1870937
x-served-by: cache-iad-kjyo7100172-IAD, cache-hel1410025-HEL
x-cache: HIT, HIT
x-cache-hits: 17519, 1
x-timer: S1680058967.525404,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 14816
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, ETag, Expires, Alert, Pragma, Content-Type, Retry-After, Last-Modified, Content-Length, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 02:17:26 GMT
age: 2720
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2

172.64.133.15

200 OK

74 kB

URL HTTP/2
use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 74316, version 329.30932\012- data
Size
74 kB (74316 bytes)
Hash
52134b924fd61958f88323845deffc64
cfccdf2c8be593220ea949989a5abc0b380ea2ac
658cf43db24e9d4c57890e958aa74656a13139754de24f19e706f0a355279e4d

HTTP Headers

GET /releases/v5.7.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.locabrowser.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 29 Mar 2023 03:02:46 GMT
content-type: font/woff2
content-length: 74316
x-amz-id-2: M5BVWGSQCsliHIRXBK+a6VY3CqK8DpcI4T1Xy4N9nri/Do6HJ70QatzYkN4ZWYDiC/q8vG8EH+o=
x-amz-request-id: Q69G5HTSXV2Z72FN
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: "52134b924fd61958f88323845deffc64"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 8147
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JVt9EspHk1c4JmPbTKuRkQHPH64M%2FQvlWMpbUDE0atHBT4vjcNF7m871%2FZbYnbYFTrGVx8uYKnkZekTfdP7ULKa90zVrYh6EvpOhUVxRuZuwTdtpd92LMWojTyc5Z%2FosaEz%2FV%2FK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af4e03ceaef386e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.162.110.205

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.110.205:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jq3bWzsitPb5NpfgZoObZw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wRl1Vx6RJB8/QA8AWDx5EJ6nAPs=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84c8a9a8133cffc51e94f5bfe050af23
3ed35d9d1ed2c513c0e52985d4382218e9adf971
7f2a6aa9939f17f1db66e8851f3e009f659499b2e210d77c51cbf48ddb2af959

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F2A6AA9939F17F1DB66E8851F3E009F659499B2E210D77C51CBF48DDB2AF959"
Last-Modified: Sun, 26 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 29 Mar 2023 09:02:47 GMT
Date: Wed, 29 Mar 2023 03:02:47 GMT
Connection: keep-alive

nishassalons.com/wp-includes/js/tinymce/themes/moderndata:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAeklEQVR4nO3UMQqAMBBE0QUL7+F5LOxyxlSewTvZj/10Q8AI/gfbBpb8pAoAPklt08j4eft5aGSKBRo3IBJK8IgNv1CKhAwJpUjIkFCKhGYnBPzd0m+NjJ+na9XIFAt0bkAklOARG36hFAkZEkqRkCGhFAnNTggA6g0PsZwml5fu+o4AAAAASUVORK5CYII=

50.87.147.16

404 Not Found

462 B

URL HTTP/2
nishassalons.com/wp-includes/js/tinymce/themes/moderndata:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAeklEQVR4nO3UMQqAMBBE0QUL7+F5LOxyxlSewTvZj/10Q8AI/gfbBpb8pAoAPklt08j4eft5aGSKBRo3IBJK8IgNv1CKhAwJpUjIkFCKhGYnBPzd0m+NjJ+na9XIFAt0bkAklOARG36hFAkZEkqRkCGhFAnNTggA6g0PsZwml5fu+o4AAAAASUVORK5CYII=
IP
50.87.147.16:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
462 B (462 bytes)
Hash
3b58a4197a90ce28f053f853e9f5201a
1764aa95ccf139706beb229625b9d6d6f154bd5d
e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/tinymce/themes/moderndata:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAeklEQVR4nO3UMQqAMBBE0QUL7+F5LOxyxlSewTvZj/10Q8AI/gfbBpb8pAoAPklt08j4eft5aGSKBRo3IBJK8IgNv1CKhAwJpUjIkFCKhGYnBPzd0m+NjJ+na9XIFAt0bkAklOARG36hFAkZEkqRkCGhFAnNTggA6g0PsZwml5fu+o4AAAAASUVORK5CYII= HTTP/1.1
Host: nishassalons.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.locabrowser.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
last-modified: Fri, 29 Nov 2019 23:16:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 462
content-type: text/html
date: Wed, 29 Mar 2023 03:02:47 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12883
Expires: Wed, 29 Mar 2023 06:37:31 GMT
Date: Wed, 29 Mar 2023 03:02:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12883
Expires: Wed, 29 Mar 2023 06:37:31 GMT
Date: Wed, 29 Mar 2023 03:02:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12883
Expires: Wed, 29 Mar 2023 06:37:31 GMT
Date: Wed, 29 Mar 2023 03:02:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12883
Expires: Wed, 29 Mar 2023 06:37:31 GMT
Date: Wed, 29 Mar 2023 03:02:48 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e8842db-211d-4276-b788-ef1e9cb5f3f2.jpeg

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e8842db-211d-4276-b788-ef1e9cb5f3f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7053 bytes)
Hash
c59a4159472f366958e67dc928b2a749
0c483adeebf10605e954c55e94c3f43bf1dace30
8fe24cee6c4ee94547e8721448fbdcbd0ab6a38de924d62e00ee6310a1cdfe4e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e8842db-211d-4276-b788-ef1e9cb5f3f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7053
x-amzn-requestid: 2fc4b1ec-6550-4e18-8374-4f174b081f40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguaOHC-IAMFUYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dda-1e21707f0ceb33ff63afb449;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:26 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: olz0Fnxykdz9uh4RfYsf3wQahJCrqAUJc2pt7rTwFNqKGXZ6WBewBg==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 22:01:51 GMT
age: 18057
etag: "0c483adeebf10605e954c55e94c3f43bf1dace30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe33435-058f-4c07-8501-76bf9d99a4ac.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8878 bytes)
Hash
d9b904645a97752fd0cd185af9f33b13
06b9705ae857def62553d8ef6c5380d656a94805
5c80b9c2ba29659bcf7be241a1e54343711882433668d4105ca668fc11e2ce6f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe33435-058f-4c07-8501-76bf9d99a4ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8878
x-amzn-requestid: c0674742-96aa-4fe9-bc66-f9c952d8a920
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CORKVFOPoAMFX8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfbdb-0555f3c75321ad1e42f06c8f;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:12:27 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: zx44rtiZRjKKLeG1qM3ABJYWg1TWDF0t6W33AzJoucdH6G4DABBqMg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 22:53:21 GMT
age: 14967
etag: "06b9705ae857def62553d8ef6c5380d656a94805"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9781 bytes)
Hash
b6bd3d6c290e2be5effe451fddc92288
456c678dd0b64d84021c41383a534afeaa4d7af0
3d645c8b903b9f5593d068feb00b1c04cf8444ed78a292458e69d5c553cb1691

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9781
x-amzn-requestid: 9a919196-e536-4ef7-a2b2-9637aa75abff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ceq6FGAJIAMF7Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64228b73-769c33f459c985ab427ed47b;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 06:38:43 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: T7nlbpfpRe76MxUDe02iIQw32f05dmRdE66ywSmviU7fT7SPNu_T1A==
via: 1.1 1cbc126937aab64e42a05f9bf2f8daee.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 15:04:28 GMT
age: 43100
etag: "456c678dd0b64d84021c41383a534afeaa4d7af0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4e3c3bc-43f8-468d-b787-f16eff36fbce.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7567 bytes)
Hash
55681b318ad65a83ce3b28438541f441
2682cc516dd93c5ed51cfc73391fe783c0e32242
298cba8ba116f9362b75a5a2f7c544ee3688beba6278ccd184e47e136a26e021

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4e3c3bc-43f8-468d-b787-f16eff36fbce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7567
x-amzn-requestid: 91d9ed55-00c5-4644-a1e6-28e8e922328d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ca6c8EFvoAMF2ZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64210ab8-7d05e425248b4a5455f75527;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 03:17:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nMoc-_RuUofEWh7aJ9pRLxPDPp4euJETaxd6TcCEDk_TNaLRpSTs7w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 11:10:30 GMT
age: 57138
etag: "2682cc516dd93c5ed51cfc73391fe783c0e32242"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32e391ba-5f96-413b-afda-e6ea52953668.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11027 bytes)
Hash
11a3ec10ceec6a8147a4c173b4b420d7
9fe904e5f3062677c6290b821c89a7e3aaee0371
ce934631eda7670329b9bc46a14eff0dd9839bdc838ad90d401600bee70c4f4a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32e391ba-5f96-413b-afda-e6ea52953668.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11027
x-amzn-requestid: 48f65bca-a792-4f2c-8eb4-d05c6dc2c2e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CXODXE7eoAMFl3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f907b-6a5a7a890aa383fc4e0eb983;Sampled=0
x-amzn-remapped-date: Sun, 26 Mar 2023 00:23:23 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: qeit17u4hnY6-u4djG8q98cqMH0bj5wwWQxczrjTN02iB3tQ8nq5MQ==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 14:23:50 GMT
age: 45538
etag: "9fe904e5f3062677c6290b821c89a7e3aaee0371"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fede24709-db3b-4687-8715-b976f42d5650.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7630 bytes)
Hash
096bf7a8a2bfe48c19e6bf6887145e64
6193039864cae4ab0163f3a7d45613fb86e6be14
51625131b04aa5294e90062807ca728b7a41db79ea069cd238711f8ead5ecd8a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fede24709-db3b-4687-8715-b976f42d5650.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7630
x-amzn-requestid: 5f162d03-0d82-4cd6-8812-4dac159bc2b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY9HwhIAMFeOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-670279397929c69c0ee58b35;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: LBOtzCZ-Ef7MsXDj9uh8QSi4jdLTSR3lEtZqRrU6ldmCZVqvpoAQmw==
via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:43:57 GMT
age: 19131
etag: "6193039864cae4ab0163f3a7d45613fb86e6be14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.0/css/all.css

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.7.0/css/all.css
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.7.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.locabrowser.com
Connection: keep-alive
Referer: https://www.locabrowser.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 29 Mar 2023 03:02:46 GMT
content-type: text/css
x-amz-id-2: DrNapU5JF8dGAWc+PUksziWNbnXww0IOX/Lziv3/p+mUb7GewCiwNnk35gOOSuLVg3SPv+t41nc=
x-amz-request-id: 5N5G6DYW04CZXNH5
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:15 GMT
etag: W/"251d28bd755f5269a4531df8a81d5664"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 8148
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFam1RpN8pxtjtPGQk4gHL%2B4aEes3r67gToHDaDOpDs6QPWlOAvIzu5PwCBybqdn1K38Dz2D1K2h9vdvNB2OMzP%2B50UE9pE7JvFzI9xIAHlyL45nHu5p1yIl08JhDqUU3WbqHIGc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af4e03bfa3d386e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.locabrowser.com/caches/2023-03-28-bnnzx4TUtI.html

104.21.4.127

200 OK

0 B

URL HTTP/2
www.locabrowser.com/caches/2023-03-28-bnnzx4TUtI.html
IP
104.21.4.127:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Office365

HTTP Headers

GET /caches/2023-03-28-bnnzx4TUtI.html HTTP/1.1
Host: www.locabrowser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 29 Mar 2023 03:02:46 GMT
content-type: text/html; charset=utf-8
last-modified: Tue, 28 Mar 2023 20:42:03 GMT
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline';frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: Path=/; HttpOnly; Secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpMQViZaHPgKrVoZ6RRXEM%2F1Rx8eDuX2cxT%2BD0jkVWaV7obetRW%2F2nOMUyx7OqHDO3nA1HtO2aFDT9PIRPOT6HwxJXVESx9uQQ%2B%2BUCwRpag1ia%2B6nYrll2CRbTh1IGQwBx8NlAeY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af4e038ebaab4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.locabrowser.com
Connection: keep-alive
Referer: https://www.locabrowser.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 29 Mar 2023 03:02:46 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/18/2022 06:18:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9ff76e3e1027d505ab39c77e9e8d5007
cdn-cache: HIT
cf-cache-status: HIT
age: 16163
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7af4e03b6c12b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (29)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1