r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2584
Expires: Tue, 06 Dec 2022 23:51:44 GMT
Date: Tue, 06 Dec 2022 23:08:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5fdb82e106b7e72c869263f3dae962bb
691d54b8bb6a1d11890e796fb18897a341d9df28
840b505bedb18961f3f39230d0c8963ad78a151946fe1817929064eea582edf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "840B505BEDB18961F3F39230D0C8963AD78A151946FE1817929064EEA582EDF8"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11763
Expires: Wed, 07 Dec 2022 02:24:43 GMT
Date: Tue, 06 Dec 2022 23:08:40 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
200 OK 40 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash dc5a2a977fc4da60efdb27b525b807bb
54ed7118625f2e6082d6972065f84be210a9992e
91c8e7e0a7da35b8b40c8ee91a4a2cbc3d6ac8900a121672269cd66f1e0d606b
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: wQI3CloSW9fmUA0vd0DVJgjCnkyHaGmALm-QCOi6Y_BsXirMfldcXg==
content-encoding: gzip
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 23:00:34 GMT
age: 486
content-type: application/json
content-length: 40144
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7833
Expires: Wed, 07 Dec 2022 01:19:13 GMT
Date: Tue, 06 Dec 2022 23:08:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /c27eOgHMfrZ+xxYrszBEfBVKfHbcDH2vI1y2JRgytecdtA6XQ5DcqkBqnnPY8f7KToTrqXoMw8=
x-amz-request-id: VHH724R96N5ZXG0X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 22:39:21 GMT
age: 1759
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5202
Cache-Control: max-age=132560
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:08:40 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 11:58:00 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 22:20:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2894
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:08:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/login.php?hdhd92820df8angf264s9df23sd2f1n495K3L2C151645172991f1477dbd26917ef3822423f62e984a91f1477dbd26917ef3822423f62e984a91f1477dbd
200 OK 31 kB URL HTTP/1.1 sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/login.php?hdhd92820df8angf264s9df23sd2f1n495K3L2C151645172991f1477dbd26917ef3822423f62e984a91f1477dbd26917ef3822423f62e984a91f1477dbd
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (491)
Hash 8e16f56c2e3226141765e27e22bfc471
cf024bbdf7545271c7c92d04bb1b569f6ed91df9
5e030c29eac1366294e32cdec2564ff601cd6aaa65344f03d1665da22b4647a7
GET /ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/login.php?hdhd92820df8angf264s9df23sd2f1n495K3L2C151645172991f1477dbd26917ef3822423f62e984a91f1477dbd26917ef3822423f62e984a91f1477dbd HTTP/1.1
Host: sproy.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 23:08:39 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=09ca238586f48281f47391af1ba4908b; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
aadcdn.msauth.net/ests/2.1/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
200 OK 276 B URL HTTP/2 aadcdn.msauth.net/ests/2.1/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (513), with no line terminators
Hash 4e3510919d29d18eeb6e3e8b2687d2f5
31522a9ec576a462c3f1ffa65c010d4eb77e9a85
1707be1284617acc0a66a14448207214d55c3da4aaf25854e137e138e089257e
GET /ests/2.1/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sproy.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
content-length: 276
content-type: image/svg+xml
content-encoding: gzip
content-md5: TjUQkZ0p0Y7rbj6LJofS9Q==
last-modified: Fri, 02 Nov 2018 20:25:09 GMT
etag: 0x8D64101494758DF
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: f5d3965b-401e-0093-148c-08ad02000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0wQyOYwAAAAAOz+NOjOnOSb3gvwCsV2IhQU1TMDRFREdFMTgxOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0eMuPYwAAAABBM9FbOPWsTLpjeFVW8geaU1ZHMjBFREdFMDUyMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Tue, 06 Dec 2022 23:08:40 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ia88a1prlwdqyj0b-dw4zw2.css
200 OK 19 kB URL HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ia88a1prlwdqyj0b-dw4zw2.css
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (61177)
Hash b21f9671206296941e1354a61743d6eb
78a492165603878204e5c940d9db8d0c3abc49f8
f9fb61f99f131062057b26f45fe2573386ac066ebd1b422a0211454d169ee379
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_ia88a1prlwdqyj0b-dw4zw2.css HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://sproy.in
Connection: keep-alive
Referer: http://sproy.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 18743
content-type: text/css
content-encoding: gzip
content-md5: sh+WcSBilpQeE1SmF0PW6w==
last-modified: Wed, 13 Mar 2019 06:30:55 GMT
etag: 0x8D6A77D72E37AB9
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: e3dae850-f01e-006c-19a9-098148000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0L5iPYwAAAACI1ASOFzkdQ51MKrEVp8SqQU1TMDRFREdFMTkwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0eMuPYwAAAABZ00lFrD/mS4Br9v83HFXEU1ZHMjBFREdFMDUyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Tue, 06 Dec 2022 23:08:40 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a634013ea3fefb04ad874ce1a7f4fbbe
4af6c3460d164000cae7e93766c7da3a5ce670f7
00f5331b8378b14200fbf263546af6f6491c277c8b512f0bb1c90bddfd584773
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5249
Cache-Control: max-age=159242
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:08:40 GMT
Etag: "638f8201-1d7"
Expires: Thu, 08 Dec 2022 19:22:42 GMT
Last-Modified: Tue, 06 Dec 2022 17:55:13 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/grave/37_533e293f0c8947ada653b47c00e394e2.png
200 OK 1.8 kB URL HTTP/1.1 sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/grave/37_533e293f0c8947ada653b47c00e394e2.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 342 x 72, 4-bit colormap, non-interlaced\012- data
Hash 533e293f0c8947ada653b47c00e394e2
0f507bb89c42f937a290d0eeda3f2e0dbfcad5c1
b5d587f6c48a9b22bbe97150249e0c0655ac1780bd273431480a22f8a5bfef6c
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/grave/37_533e293f0c8947ada653b47c00e394e2.png HTTP/1.1
Host: sproy.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/login.php?hdhd92820df8angf264s9df23sd2f1n495K3L2C151645172991f1477dbd26917ef3822423f62e984a91f1477dbd26917ef3822423f62e984a91f1477dbd
Cookie: PHPSESSID=09ca238586f48281f47391af1ba4908b
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 23:08:39 GMT
Server: Apache
Last-Modified: Wed, 01 Sep 2021 05:44:20 GMT
Accept-Ranges: bytes
Content-Length: 1750
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/grave/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
200 OK 3.7 kB URL HTTP/1.1 sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/grave/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Hash ee5c8d9fb6248c938fd0dc19370e90bd
d01a22720918b781338b5bbf9202b241a5f99ee4
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/grave/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1
Host: sproy.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/login.php?hdhd92820df8angf264s9df23sd2f1n495K3L2C151645172991f1477dbd26917ef3822423f62e984a91f1477dbd26917ef3822423f62e984a91f1477dbd
Cookie: PHPSESSID=09ca238586f48281f47391af1ba4908b
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 23:08:39 GMT
Server: Apache
Last-Modified: Wed, 01 Sep 2021 05:44:20 GMT
Accept-Ranges: bytes
Content-Length: 3651
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/grave/ellipsis_white_5ac590ee72bfe06a7cecfd75b588ad73.svg
200 OK 915 B URL HTTP/1.1 sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/grave/ellipsis_white_5ac590ee72bfe06a7cecfd75b588ad73.svg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (915), with no line terminators
Hash 5ac590ee72bfe06a7cecfd75b588ad73
dda2cb89a241bc424746d8cf2a22a35535094611
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/grave/ellipsis_white_5ac590ee72bfe06a7cecfd75b588ad73.svg HTTP/1.1
Host: sproy.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/login.php?hdhd92820df8angf264s9df23sd2f1n495K3L2C151645172991f1477dbd26917ef3822423f62e984a91f1477dbd26917ef3822423f62e984a91f1477dbd
Cookie: PHPSESSID=09ca238586f48281f47391af1ba4908b
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 23:08:39 GMT
Server: Apache
Last-Modified: Wed, 01 Sep 2021 05:44:20 GMT
Accept-Ranges: bytes
Content-Length: 915
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/grave/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg
200 OK 915 B URL HTTP/1.1 sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/grave/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (915), with no line terminators
Hash 2b5d393db04a5e6e1f739cb266e65b4c
6a435df5cac3d58ccad655fe022ccf3dd4b9b721
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/grave/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg HTTP/1.1
Host: sproy.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/login.php?hdhd92820df8angf264s9df23sd2f1n495K3L2C151645172991f1477dbd26917ef3822423f62e984a91f1477dbd26917ef3822423f62e984a91f1477dbd
Cookie: PHPSESSID=09ca238586f48281f47391af1ba4908b
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 23:08:39 GMT
Server: Apache
Last-Modified: Wed, 01 Sep 2021 05:44:20 GMT
Accept-Ranges: bytes
Content-Length: 915
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 22:11:20 GMT
cache-control: public,max-age=3600
age: 3441
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5184
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:08:41 GMT
Last-Modified: Tue, 06 Dec 2022 21:42:17 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Tue, 06 Dec 2022 23:08:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
200 OK 17 kB URL HTTP/2 aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sproy.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
content-length: 17174
content-type: image/x-icon
content-md5: EuPayFgGHQiAI7K9SOL6lg==
last-modified: Fri, 02 Nov 2018 20:25:25 GMT
etag: 0x8D6410152A9D7E1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 2b5db3af-601e-0005-3819-09b079000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0g2KPYwAAAABEp7pePlJwRa896w+HvlhxQU1TMDRFREdFMTkxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0ecuPYwAAAACIvV7w40mLTIx689kroT8CU1ZHMjBFREdFMDUyMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Tue, 06 Dec 2022 23:08:40 GMT
X-Firefox-Spdy: h2
sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/find/gvfRnh.jpg
200 OK 116 kB URL HTTP/1.1 sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/find/gvfRnh.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=PhotoScape, datetime=2014:10:29 20:27:15], baseline, precision 8, 1920x1064, components 3\012- data
Size 116 kB (116389 bytes)
Hash 129d797a9f7c946883b0d1371b0f3867
c001f4d7b1e3cb058cc6b043eb0a206cc716028f
6cf9dada0d0cfd144034f31f050154491436ad59f1eaa7ba128c5f2eec41cc4a
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/find/gvfRnh.jpg HTTP/1.1
Host: sproy.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sproy.in/ewBHGwrsfv/8aa496661d5efbba962063da01e6ebInv571fd7a995filedc37f33601e632893bfbad201909301559335667a357907201897430.pdf-net/login.php?hdhd92820df8angf264s9df23sd2f1n495K3L2C151645172991f1477dbd26917ef3822423f62e984a91f1477dbd26917ef3822423f62e984a91f1477dbd
Cookie: PHPSESSID=09ca238586f48281f47391af1ba4908b
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 23:08:39 GMT
Server: Apache
Last-Modified: Wed, 01 Sep 2021 05:44:20 GMT
Accept-Ranges: bytes
Content-Length: 116389
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2Wchedtl13Owv7acj4hBGw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Hv2PZy50VaXL8o4lJF5y+f7K7Eo=
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221670365389989%22
200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221670365389989%22
IP
File type JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Hash c14ae6caad11b9752562ac35aad2e4f9
edccf6748d9c45ad85177c273ba2f3c8ee36f241
e95fda0fc015ba2ad5ebf52e10079641892be0daea4c89b43eff71c9900dabcf
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221670365389989%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Tue, 06 Dec 2022 22:26:57 GMT
cache-control: public,max-age=3600
last-modified: Tue, 06 Dec 2022 22:23:09 GMT
content-type: application/json
age: 2504
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669811837825&_since=%221666204638208%22
200 OK 6.9 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669811837825&_since=%221666204638208%22
IP
File type JSON data\012- , ASCII text, with very long lines (6883), with no line terminators
Hash 8a5e09f5fb8417b5618e87d18d325721
c48523de09554c2dcb2cd6241bfeeaaec2803fb8
515c738bf239a57be380cb1cfe70051112b0218858fcbc9843702c7801ea60be
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669811837825&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 6883
via: 1.1 google
date: Tue, 06 Dec 2022 22:12:07 GMT
cache-control: public,max-age=3600
age: 3394
last-modified: Wed, 30 Nov 2022 12:37:17 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: TNYYMDYfB/FtVX+7h40dITAGXBm1Aaf3nW7EldyhRAMLFNqQ1SqXpx/FMIKQlI57ncRROBA+rRY=
x-amz-request-id: HCE4FNFCWNA0E1J1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 22:48:02 GMT
age: 1239
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1670356517512&_since=%221666483264567%22
200 OK 54 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1670356517512&_since=%221666483264567%22
IP
File type JSON data\012- , ASCII text, with very long lines (53769), with no line terminators
Hash 60c101350904e0a0fabe7d8570a24f4e
56195f5b59245606d200c0ca93977bfa308509b5
f882970178693c070150e708aa12d85883064211c84531aa281ba417aec69989
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1670356517512&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 53769
via: 1.1 google
date: Tue, 06 Dec 2022 23:06:44 GMT
cache-control: public,max-age=3600
age: 117
last-modified: Tue, 06 Dec 2022 19:55:17 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: wvHIf4k4pa+15jN9NpSg5MlbGsSqRyBbjurAGhAuSQD5VTVuhzTGIN3TxYot6zUFvCqpVWhg6Sk=
x-amz-request-id: AVTQJG04AFV50CR1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 22:47:16 GMT
age: 1285
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1670353428333&_since=%221666279968541%22
200 OK 52 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1670353428333&_since=%221666279968541%22
IP
File type ASCII text, with very long lines (51469), with no line terminators
Hash df6ea0251f061b6312696d157669aa7c
16bc688a055f8730bb9ac9fd808d0e5d87e9f744
b50cd796e08214777358f3d07a48190dce25ea6982f0c613a2aa0deee78ae4d8
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1670353428333&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 51469
via: 1.1 google
date: Tue, 06 Dec 2022 22:22:27 GMT
cache-control: public,max-age=3600
age: 2775
last-modified: Tue, 06 Dec 2022 19:03:48 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670346893442&_since=%221665698079854%22
200 OK 929 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670346893442&_since=%221665698079854%22
IP
File type JSON data\012- , ASCII text, with very long lines (929), with no line terminators
Hash 28f657aede4880783477ffd8fc8ea919
76477c5d92ede32a1d1ebeaaf78d79fbee7c2ad9
f507f6bd466cfcb0cfc393f4fcd9b873106be540d046018a6198491c14394264
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670346893442&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 929
via: 1.1 google
date: Tue, 06 Dec 2022 22:15:12 GMT
cache-control: public,max-age=3600
age: 3210
last-modified: Tue, 06 Dec 2022 17:14:53 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
200 OK 682 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP
File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Hash 730583ac85dd27656bad88150567d34a
c05375ce2016cc335fffbfc76974348032951545
07ef5576f95557ec9f756e4ddfba277e3308d897c86ad5bc9dcd6e8e7270fb26
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Tue, 06 Dec 2022 22:39:39 GMT
cache-control: public,max-age=3600
age: 1743
last-modified: Mon, 05 Dec 2022 16:36:54 GMT
etag: "1670258214122"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP
File type JSON data\012- , ASCII text, with very long lines (1506), with no line terminators
Hash 53a3f7b3b704cfaf73db62670e538a5b
f92fbcd2c053cc26fe81474c19bfcf3fd94e901e
d5a8da9110e55a35fc8d1f47cd54e84ab99f26d25bd1a4325bdff8bfa76c0ac7
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Tue, 06 Dec 2022 22:12:10 GMT
cache-control: public,max-age=3600
age: 3392
last-modified: Mon, 05 Dec 2022 16:36:43 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP
File type JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Hash 5506ce693edc810aad75bdb6c06d2995
97d323e096862e4274b08587d81810fd86cc98f9
08f697c9426a4fb6003aaf14323813c55a82a6640db202c43011d2551f278970
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Tue, 06 Dec 2022 22:57:59 GMT
cache-control: public,max-age=3600
age: 643
last-modified: Thu, 01 Dec 2022 16:36:43 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1669904594434&_since=%221657747510534%22
200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1669904594434&_since=%221657747510534%22
IP
File type JSON data\012- , ASCII text, with very long lines (1681), with no line terminators
Hash af79074b29e42f4e5be6b1e10e2af516
11fbd0f05beb0aaf0f0f7c699a124bbfff71be07
860c337ae66ebf02db30e18992dfddec6b9df1cab60d84fe3f061aa674d41be4
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1669904594434&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1681
via: 1.1 google
date: Tue, 06 Dec 2022 22:11:28 GMT
cache-control: public,max-age=3600
age: 3434
last-modified: Thu, 01 Dec 2022 14:23:14 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2668
Expires: Tue, 06 Dec 2022 23:53:10 GMT
Date: Tue, 06 Dec 2022 23:08:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2668
Expires: Tue, 06 Dec 2022 23:53:10 GMT
Date: Tue, 06 Dec 2022 23:08:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2668
Expires: Tue, 06 Dec 2022 23:53:10 GMT
Date: Tue, 06 Dec 2022 23:08:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b079607b368263e3517dd30250f5f2af
a1b7863c70f1d501560a5b2fb4442f4835f94341
e7ed3ed2aca312d82fb017e06c6493fafffff9a603d1498c9c05355c08b444e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5913
x-amzn-requestid: 355ca338-7d8e-4a60-a491-0509d0ff32d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlirF3DIAMF-vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb610-5bff7b5b3984102e1ef0e737;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RlnA4SSUIbIVtGBxqBtabKw58aXWE-jGIKLZ4DnoTiGzvH5bzBOUbA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "a1b7863c70f1d501560a5b2fb4442f4835f94341"
content-type: image/jpeg
age: 4283
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084354d3-0d22-4203-844f-c2f6ab2af36d.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084354d3-0d22-4203-844f-c2f6ab2af36d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b89a7fe1080499e4f7171f962b57fec4
62ef59be034071e667e3476ea0740077c86778c1
e17432ce6af0006ba36fd43e13c56c1bd1dd9b1d1bc250309bc2731ac8f52abb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084354d3-0d22-4203-844f-c2f6ab2af36d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8906
x-amzn-requestid: 453c8d4f-205d-46ac-8d24-1c9849d71419
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvmAyEMnoAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb6d1-7b5051335073a5d2339e02e1;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:40:33 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2LpJmaGp8UzaZHqa9WtCTvFq0oQYOVNAdKBdYHURf2d2v5fh7j44uQ==
via: 1.1 e124ba8d7ba1d81e2fdc59ac89f11b70.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
age: 4283
etag: "62ef59be034071e667e3476ea0740077c86778c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7ee62c5e846e8ad4808f4724f15146d
6d55b299f906908309f91eaf0a720ad65866db04
0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6846
x-amzn-requestid: 53452103-6559-460c-ac40-4685e6816aa4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGx4E-mIAMFatg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a5-5327ec9a2f247cc91654df80;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fo3lMa6shsclTxMwkqU7b-FdfADL1J2vHt8BNpEImo0gsmmI01BNTQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 10:08:58 GMT
age: 46784
etag: "6d55b299f906908309f91eaf0a720ad65866db04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg
200 OK 3.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cefc5a863db79a7a8acd7366322ea34d
ec084f21bd0bcf5c101366e5732421835b3230d3
ee5a022da888181060a9d4ac8ab18fb8e35143b5f046f905d38553b9552f0bbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3175
x-amzn-requestid: 3b5ffd5c-a8a5-40d8-b370-c13b0da5f543
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csXJEF0hIAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6bd3-40d73fc5702a607c4ef71574;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 22:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gNK10oIddAZwVCL8NzMqRxFQcLA2VOGXu5y-Pk77re_DWmyeTugluQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 04:47:31 GMT
age: 66071
etag: "ec084f21bd0bcf5c101366e5732421835b3230d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8e8fa64-7cd3-460d-9040-af3ca0e2a5f5.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8e8fa64-7cd3-460d-9040-af3ca0e2a5f5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b6f4dd03deb6114fec01808b034a711c
c74d29bba44dbb09158da4b9e1b490112c7db915
ddc6721d8a42821c458cf6d5c64ebd10ca0002c95a275be1732cd9ade7bf1b6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8e8fa64-7cd3-460d-9040-af3ca0e2a5f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10567
x-amzn-requestid: b9b16cdf-bfa2-4e3c-b00f-1704dd3473d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgIC6EgLoAMF3hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638986df-3945eea57676d3f91f8f2b3c;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 05:02:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jq1EHQBqVeb9KBozcSUpieXUDHhouxr6YkJrhiqqZ4VP1ZwPV6LHEA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:36:00 GMT
age: 1962
etag: "c74d29bba44dbb09158da4b9e1b490112c7db915"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 08:32:46 GMT
age: 52556
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
162.241.126.53
23.36.76.226
93.184.220.29