Report - teruggavetabel2022.ddns.net/kbc/a1b2c3/678dfcb3cd8231f27dc95c7235845fe3/start/

Report Overview

Submitted URL
teruggavetabel2022.ddns.net/kbc/a1b2c3/678dfcb3cd8231f27dc95c7235845fe3/start/
IP
0.0.0.0
ASN
#0
Submitted
2023-03-12 01:13:59
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox-settings-attachments.cdn.mozilla.net	11509	2019-11-30T10:32:57Z	2023-03-25T05:16:23Z	412 B	808 kB	34.111.73.144
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-24T16:33:49Z	3.2 kB	52 kB	34.120.237.76
detectportal.firefox.com	1601	2018-08-30T11:52:03Z	2023-03-25T05:10:53Z	606 B	428 B	34.107.221.82
getpocket.cdn.mozilla.net	1369	2018-08-28T15:15:36Z	2023-03-25T05:09:35Z	435 B	40 kB	34.120.5.221
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-24T18:20:20Z	840 B	12 kB	34.160.144.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-25T04:18:49Z	341 B	739 B	192.229.221.95
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-24T18:17:07Z	606 B	127 B	52.13.249.229
shavar.services.mozilla.com	3602	2015-09-28T08:30:01Z	2023-03-25T05:16:22Z	453 B	204 B	52.11.30.235
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T05:09:02Z	3.0 kB	8.0 kB	95.101.11.115
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-25T05:09:25Z	333 B	391 B	34.117.237.239
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-24T18:14:23Z	8.1 kB	256 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-12 01:13:42	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-03-12 01:13:42	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-03-12 01:13:43	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (42)

	URL	IP	Response	Size
	detectportal.firefox.com/success.txt?ipv4	34.107.221.82	200 OK	8 B
URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4 IP 34.107.221.82:0 ASN #15169 GOOGLE File type ASCII text Size 8 B (8 bytes) Hash ae780585f49b94ce1444eb7d28906123 7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5 HTTP Headers `GET /success.txt?ipv4 HTTP/1.1 Host: detectportal.firefox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Length: 8 Via: 1.1 google Date: Sat, 11 Mar 2023 15:23:35 GMT Age: 35407 Content-Type: text/plain Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 9ce33c47154f4826255fe9bbe54d72be e10a363c007a6d15ed43eb35b4e5c246d85c5eed cf423db1a8ad1dce1b5c25f6025d14411b4a46e95a6001288949f046e244bc24 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "CF423DB1A8AD1DCE1B5C25F6025D14411B4A46E95A6001288949F046E244BC24" Last-Modified: Fri, 10 Mar 2023 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20397 Expires: Sun, 12 Mar 2023 06:53:39 GMT Date: Sun, 12 Mar 2023 01:13:42 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a86f9f278bfd94c396eee60204ee33c8 fd4b187ce2439b6330264e7f73713e3bd002a489 fb9e5ea6dc1eb3bbbc836695de02dcf54732c32f3077cc1992468f61ebea794e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "FB9E5EA6DC1EB3BBBC836695DE02DCF54732C32F3077CC1992468F61EBEA794E" Last-Modified: Fri, 10 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11394 Expires: Sun, 12 Mar 2023 04:23:36 GMT Date: Sun, 12 Mar 2023 01:13:42 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1a564ae484daef6a82bb08116ad794eb f75350abf28a42c16324901035889a1f3af700a1 225214187df3f50835a8aafcc4555fe47cf0b78938b71d34fb422942292b153b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "225214187DF3F50835A8AAFCC4555FE47CF0B78938B71D34FB422942292B153B" Last-Modified: Fri, 10 Mar 2023 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14327 Expires: Sun, 12 Mar 2023 05:12:29 GMT Date: Sun, 12 Mar 2023 01:13:42 GMT Connection: keep-alive`

	getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30	34.120.5.221	200 OK	39 kB
URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 IP 34.120.5.221:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators Size 39 kB (39084 bytes) Hash ae7cdc28d370394ffb33a6ab7116b6e8 6f4c529537b78c7b2529058105cf68f4e9ed452a d822bea4bd5e3ab054e730077ca8dce30afa47dc328bf135178f95ad28f37dbb HTTP Headers `GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 Host: getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx content-location: global-recs.php tcn: choice x-frame-options: SAMEORIGIN status: 200 OK x-source: Pocket pragma: cache p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE" x-cache: Miss from cloudfront x-amz-cf-pop: SEA73-P2 x-amz-cf-id: odgC-xcrk_9RF3zTlfIkvQmA_Zueb4wzZfRPs40armpkTpPhJHVFOw== content-encoding: gzip via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google date: Sun, 12 Mar 2023 01:09:19 GMT content-type: application/json vary: Accept-Encoding content-length: 39084 age: 263 cache-control: s-maxage=900,public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: jCP3XeRsKiXUykAw6Wm+xklBdJ0mbQB6liLHHXDVQHVKnbfQsekYoBf+YE+J8cIopv0RnFrhSw4= x-amz-request-id: 4F9044HJH6Z521T7 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 12 Mar 2023 01:00:27 GMT age: 795 last-modified: Fri, 30 Sep 2022 18:50:55 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sun, 12 Mar 2023 01:13:42 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 99824e6e553dd5649b1d199589a6dab2 00b2c24f6ef22620045c3b2ef7a63ea9ac8cc0a2 3a4695284040436fd256023da7d39bab8b16f8a2d4f7105c0f995f610dcab2d2 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "3A4695284040436FD256023DA7D39BAB8B16F8A2D4F7105C0F995F610DCAB2D2" Last-Modified: Thu, 09 Mar 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7635 Expires: Sun, 12 Mar 2023 03:20:57 GMT Date: Sun, 12 Mar 2023 01:13:42 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bc86ef2a0cee04915bc360f5821adc8f 3658f9028cce204d38f7f48fcfaa2a8e4f54383a aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 12 Mar 2023 01:09:10 GMT content-type: application/json age: 272 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	detectportal.firefox.com/success.txt?ipv4	34.107.221.82	200 OK	8 B
URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4 IP 34.107.221.82:0 ASN #15169 GOOGLE File type ASCII text Size 8 B (8 bytes) Hash ae780585f49b94ce1444eb7d28906123 7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5 HTTP Headers `GET /success.txt?ipv4 HTTP/1.1 Host: detectportal.firefox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Length: 8 Via: 1.1 google Date: Sat, 11 Mar 2023 15:23:35 GMT Age: 35407 Content-Type: text/plain Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 12 Mar 2023 01:12:31 GMT age: 72 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 34074a698d329d4ef360e4e7e1d233e6 6b6a57a57c5b9e486faf50ff03acfd0ba2c13f14 bf3031c8640f9bc3d1ab94e5e45cdba32f39cc4590f11821317fdce573012fb9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "BF3031C8640F9BC3D1AB94E5E45CDBA32F39CC4590F11821317FDCE573012FB9" Last-Modified: Thu, 09 Mar 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3108 Expires: Sun, 12 Mar 2023 02:05:31 GMT Date: Sun, 12 Mar 2023 01:13:43 GMT Connection: keep-alive`

	ocsp.digicert.com/	192.229.221.95	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash cdba757c67ed11f77d4bbe077c515a2f de5484b5bc34d9c36829f3e854a89b0d685f4fc8 dc0ec77b9c55e529698a8a2768f974e9017a4dad190447c6121e8ecd976a6eb4 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 5801 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sun, 12 Mar 2023 01:13:43 GMT Last-Modified: Sat, 11 Mar 2023 23:37:02 GMT Server: ECAcc (ska/F6D2) X-Cache: HIT Content-Length: 471`

	push.services.mozilla.com/	52.13.249.229	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.13.249.229:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: ypGZRYZp0Iinkx8S9EEWEw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: xPaFaNdIuiAShtydzGfEO2VeAkA=`

	firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221678568236249%22	35.241.9.150	200 OK	22 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221678568236249%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (22067), with no line terminators Size 22 kB (22067 bytes) Hash 196e3940c11b8376e45859111b43ef0f 3e24555b7ddd68c993bb37f669d64697a020ac0f f2bf58a8b1e391900d5afc202b41058c33a8d06bc9d8d8784f45569e7aa8a887 HTTP Headers `GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221678568236249%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 22067 via: 1.1 google date: Sun, 12 Mar 2023 01:02:01 GMT age: 702 last-modified: Sat, 11 Mar 2023 20:57:16 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22	35.241.9.150	200 OK	9.1 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (9105), with no line terminators Size 9.1 kB (9105 bytes) Hash b133f3016a86778a3209d04556a44e32 347c03ef016a2475b07a4dfad57fa87f3c3f499c 187b48ee1f810ea16219ead8790471f44d911bbb4d98b85ff94996c0f6abecfe HTTP Headers `GET /v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Backoff, Retry-After, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 9105 via: 1.1 google date: Sun, 12 Mar 2023 00:55:36 GMT age: 1087 last-modified: Sat, 11 Mar 2023 16:36:43 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash b5ba6334e73496995e3e3a9ecd0eb323 ad80d3b7718c28364e8c2004fb38a13a1747e462 aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK x-amz-id-2: 7pLDU+XWiGr317kIJzKYIweKRuHm82ENNLDQwAQ/FKTeY9uOlScnQdJSuwKfpUhUTBPcTtXc0pg= x-amz-request-id: F3PMDYEWD858YTDZ x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 12 Mar 2023 00:19:29 GMT age: 3254 last-modified: Sat, 18 Feb 2023 20:28:27 GMT etag: "b5ba6334e73496995e3e3a9ecd0eb323" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1678235841178&_since=%221666204638208%22	35.241.9.150	200 OK	39 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1678235841178&_since=%221666204638208%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (38565), with no line terminators Size 39 kB (38565 bytes) Hash 92d8254fc225725cb2c00e73b29b2ae4 467765c66cea430f5777a04ffe29e08b9ac4d6a0 db6b068d9a92b115b989a81f8d1a9411cdee0957ea9088127ab39978cbd3199f HTTP Headers `GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1678235841178&_since=%221666204638208%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Backoff, Retry-After, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 38565 via: 1.1 google date: Sun, 12 Mar 2023 00:35:44 GMT age: 2279 last-modified: Wed, 08 Mar 2023 00:37:21 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2	52.11.30.235	200 OK	8 B
URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2 IP 52.11.30.235:0 ASN #16509 AMAZON-02 File type ASCII text Size 8 B (8 bytes) Hash 29fc57841962e407cb50c1be60284bf7 ce968a77e2996da5eee8925182318f171ccdce47 ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b HTTP Headers `POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1 Host: shavar.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 773 Connection: close Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: none Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/octet-stream Date: Sun, 12 Mar 2023 01:13:43 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Length: 8 Connection: Close`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 7f03faaba3392caae6dae54467bfdf6d 57ea1f14e8bfbcca8190c706d708c9fda12442c1 02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Backoff, Retry-After, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 12 Mar 2023 00:13:54 GMT content-type: application/json age: 3590 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 8b7913b6c169db0dea2e8e6f8aedb024 0d625f2005946d39426bf930b0bb00e2720b5964 4b06dbc6e4297f8d32b61e14162b51ba6dd10420fcd42ef52217b6d51fb91de6 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "4B06DBC6E4297F8D32B61E14162B51BA6DD10420FCD42EF52217B6D51FB91DE6" Last-Modified: Fri, 10 Mar 2023 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15574 Expires: Sun, 12 Mar 2023 05:33:18 GMT Date: Sun, 12 Mar 2023 01:13:44 GMT Connection: keep-alive`

	firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin	34.111.73.144	200 OK	807 kB
URL HTTP/2 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin IP 34.111.73.144:0 ASN #15169 GOOGLE File type data Size 807 kB (807180 bytes) Hash 914be443bdfbe8a1c3ded61e1c114bd6 4fe7c5ff83f6a29e6699f4cebc17550891504661 41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857 HTTP Headers `GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1 Host: firefox-settings-attachments.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: EGrrl3iHnmN/7WEJX7kls5Q5g248hcG7vM+TZBSUxNBwSsiJN9PKyCrI958muBGg9gOEKMNx3S0= x-amz-request-id: 6F8R8QJC1A5JXHFK x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7 accept-ranges: bytes server: AmazonS3 content-length: 807180 via: 1.1 google date: Wed, 08 Mar 2023 12:56:00 GMT age: 303464 last-modified: Tue, 10 Jan 2023 12:38:46 GMT etag: "914be443bdfbe8a1c3ded61e1c114bd6" content-type: application/octet-stream cache-control: public,max-age=604800 alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1678508165816&_since=%221666279968541%22	35.241.9.150	200 OK	83 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1678508165816&_since=%221666279968541%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (65536), with no line terminators Size 83 kB (83206 bytes) Hash 8cbb6364d2a3045c368172f7e55b823f 1150a575f7dcbb58f3e1107783b4b24f14ddbba0 6cfa05c9a410424eb22d950935f8ec01859ccbea8d8cd1f5a6d4c77ad49cca2c HTTP Headers `GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1678508165816&_since=%221666279968541%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Backoff, Retry-After, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 83206 via: 1.1 google date: Sun, 12 Mar 2023 01:02:41 GMT age: 663 last-modified: Sat, 11 Mar 2023 04:16:05 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1678492875047&_since=%221666483264567%22	35.241.9.150	200 OK	52 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1678492875047&_since=%221666483264567%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (52321), with no line terminators Size 52 kB (52321 bytes) Hash f279a03d40758c3cba1e62f4666213f9 325b31725e101a54937059537a96f3217aa2ba8c 8f18187378a90807a595a601c4b6fdced77c296d97eb54e0d6eb45f0b82e0b02 HTTP Headers GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1678492875047&_since=%221666483264567%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 52321 via: 1.1 google date: Sun, 12 Mar 2023 01:02:41 GMT age: 663 last-modified: Sat, 11 Mar 2023 00:01:15 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22	35.241.9.150	200 OK	22 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (22470), with no line terminators Size 22 kB (22470 bytes) Hash 874fe8a0b671cc454b734f04aa4ebed5 e50f692b68926aecd7c29a5bc7742e86b5b6c946 9869c97439e63c2e52c9cf89d0c7a3ea47fd8331f465854723f546f214850722 HTTP Headers `GET /v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 22470 via: 1.1 google date: Sun, 12 Mar 2023 00:36:32 GMT age: 2232 last-modified: Fri, 10 Mar 2023 16:36:45 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22	35.241.9.150	200 OK	2.4 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (2387), with no line terminators Size 2.4 kB (2387 bytes) Hash 17cea9e6c9b3440a87e38aff3317f59d df7868616abeba4ecc07a67645eec3d92822f1c8 c9572b650ea3b016147836e1c4d7c5daeff8b8f09d397a1d6421174514d1a013 HTTP Headers `GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 2387 via: 1.1 google date: Sun, 12 Mar 2023 00:32:36 GMT age: 2468 last-modified: Fri, 10 Mar 2023 16:36:44 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258	35.241.9.150	200 OK	681 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (681), with no line terminators Size 681 B (681 bytes) Hash 06849396e8224a632b1b6080df499692 3543fd58ea1aaa0a43a050c359e597ebf0be27a4 87d936fd01217124eceb639d7cca0d4a597f794c7fa6a22fed46312918c079f4 HTTP Headers `GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 681 via: 1.1 google date: Sun, 12 Mar 2023 00:35:18 GMT age: 2306 last-modified: Thu, 09 Mar 2023 16:36:57 GMT etag: "1678379817030" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22	35.241.9.150	200 OK	1.7 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (1718), with no line terminators Size 1.7 kB (1718 bytes) Hash 136242fe65a8e0feeddc1d2ee231be10 a79f677c8972c90507bfda2fba3614754e1bf899 ccc405689ffa5bcdd43e4c4cc94ed9284e0f20e20281c6a3b2820ab341ef92e5 HTTP Headers `GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 1718 via: 1.1 google date: Sun, 12 Mar 2023 00:27:56 GMT age: 2748 last-modified: Thu, 09 Mar 2023 16:36:47 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22	35.241.9.150	200 OK	1.3 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (1250), with no line terminators Size 1.3 kB (1250 bytes) Hash 3987da189d430f8c568fc6bb0bf9a703 48795f72dfddb19bd913d71b40a7ad5fa538e14b b85cf27c188a5d9da197fa766f99f9fe9d1bb665f4c318bec000cf637bdbb169 HTTP Headers `GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 1250 via: 1.1 google date: Sun, 12 Mar 2023 00:29:39 GMT age: 2645 last-modified: Thu, 09 Mar 2023 16:36:46 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22	35.241.9.150	200 OK	1.7 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (1742), with no line terminators Size 1.7 kB (1742 bytes) Hash ff48c589b33d4a42f5ff4024bc41478a 1906eff2f35e545df5669685709dfcc44756fd93 3fe886730727c42da4e4f9a2ac3038f0e9d5708ef34bb5f02356efda7e2bb7b8 HTTP Headers `GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 1742 via: 1.1 google date: Sun, 12 Mar 2023 00:45:07 GMT age: 1717 last-modified: Thu, 09 Mar 2023 16:36:45 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22	35.241.9.150	200 OK	1.5 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (1505), with no line terminators Size 1.5 kB (1505 bytes) Hash 26f956e8a298cd002dc7a269de09a20b 24b54d7e7ca0248edbe06641628816e3837e6a0c fb2123010d1495facec75fd27e52e18daa1eed8f2bdf9de2656d3410632d7334 HTTP Headers `GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 1505 via: 1.1 google date: Sun, 12 Mar 2023 01:02:41 GMT age: 663 last-modified: Tue, 07 Mar 2023 16:36:48 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22	35.241.9.150	200 OK	935 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (935), with no line terminators Size 935 B (935 bytes) Hash 378c6ec9df2ec5293661e0c9147a6e41 ae37594f50234ff3d9e633da61e9c396a3cc64fc 1cab8bc35416690ca039bfe690140f0a7bde440c909cd55b3de8f0e0d18fda11 HTTP Headers `GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 935 via: 1.1 google date: Sun, 12 Mar 2023 00:38:52 GMT age: 2092 last-modified: Tue, 07 Mar 2023 16:36:46 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22	35.241.9.150	200 OK	7.0 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (6983), with no line terminators Size 7.0 kB (6983 bytes) Hash 789a069349090c38b1045f1c53560dfb a26c90aa66c299cc87b74e28d726da130b30cc75 0c068d5a0f3167ec4ed4bf171bbabacf1fd871ad81fa03d9d879feb4961fb18f HTTP Headers `GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Backoff, Retry-After, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 6983 via: 1.1 google date: Sun, 12 Mar 2023 01:08:36 GMT age: 308 last-modified: Tue, 07 Mar 2023 15:15:19 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 2573307db8caef0a070ba3ebd4f61e2e 28e8cb63280e9b5e4184017cb22aa5f197007450 87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818" Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2192 Expires: Sun, 12 Mar 2023 01:50:16 GMT Date: Sun, 12 Mar 2023 01:13:44 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 2573307db8caef0a070ba3ebd4f61e2e 28e8cb63280e9b5e4184017cb22aa5f197007450 87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818" Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2192 Expires: Sun, 12 Mar 2023 01:50:16 GMT Date: Sun, 12 Mar 2023 01:13:44 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 2573307db8caef0a070ba3ebd4f61e2e 28e8cb63280e9b5e4184017cb22aa5f197007450 87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818" Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2192 Expires: Sun, 12 Mar 2023 01:50:16 GMT Date: Sun, 12 Mar 2023 01:13:44 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp	34.120.237.76	200 OK	4.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.5 kB (4512 bytes) Hash 26033b42139d27c847cf9881a17e0332 b196fbef36c2a5242abfc5d7115f1efd39499453 028dd1c86eaab6b991ad3dcb7fda21cdcfe8f9b22155c6bcb9363fbe379096ec HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4512 x-amzn-requestid: e9ba0dc3-3e1a-4ff5-8d0d-57386ced2fb1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BotIeGZ-IAMFmBQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640cf569-1a45fa73148fb01f3822ee29;Sampled=0 x-amzn-remapped-date: Sat, 11 Mar 2023 21:40:57 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: wkfdSY68kDN6OsZ-rUHVYuqwBOHFh2lupX6GUYdmi25d3Ae2CEl6vw== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d15b6a95f7c8298444f59a99d8027cec.cloudfront.net (CloudFront), 1.1 google date: Sat, 11 Mar 2023 21:40:57 GMT age: 12767 etag: "b196fbef36c2a5242abfc5d7115f1efd39499453" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1645617e-315b-4828-a837-6f43c26239f3.webp	34.120.237.76	200 OK	3.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1645617e-315b-4828-a837-6f43c26239f3.webp IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.7 kB (3749 bytes) Hash 7a260ac2164ba9dcf80a9d9785b00b64 8440defe1b992f47d6cc744ea89149f570129630 06f9cd692a85c54e65efba8deded48dbd13fb4bac84e5adb601b6dd872037d9a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1645617e-315b-4828-a837-6f43c26239f3.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3749 x-amzn-requestid: 21224146-a517-4aa7-9107-eb0f533d5b62 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Bosz6E4IIAMFZUQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640cf4e5-6e6b5aa1791c251476ab1627;Sampled=0 x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:45 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: 7-WzINx5n-GoaLcRiz4OfIWSLZnNC4dsN75io8AMN3mGPEL39sXt9w== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google date: Sat, 11 Mar 2023 21:57:02 GMT age: 11802 etag: "8440defe1b992f47d6cc744ea89149f570129630" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13023a0e-6076-492b-85f7-561f44c10dbc.jpeg	34.120.237.76	200 OK	8.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13023a0e-6076-492b-85f7-561f44c10dbc.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.2 kB (8229 bytes) Hash eec0a8ace7d436f1b1274597ce85d1e5 b77e1a9598e9623fa633adc18cf1109420f93f85 aae51362b60519c7193c4c8b71215147d382e337ac257ce1aed362b05f840db9 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13023a0e-6076-492b-85f7-561f44c10dbc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8229 x-amzn-requestid: d45ea140-a43e-4c2d-8aea-0f15df3f2385 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BoszIHh_IAMF-qg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640cf4e0-714cd100321abf0f2b27939d;Sampled=0 x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:40 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: MWzxECUzh6ZVuXfHr8wzJEcfxJbVgK8sM_wYPGALRCwbCW-h4HpK_Q== via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google date: Sat, 11 Mar 2023 21:57:00 GMT age: 11804 etag: "b77e1a9598e9623fa633adc18cf1109420f93f85" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg	34.120.237.76	200 OK	8.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.5 kB (8487 bytes) Hash be71491cee9b47dc3ffb23b4fdff25b3 79c7d22c8df6d305f46c5779ccb9f25169d4d111 e785896e5840fb901ddd0118bef3ccad6b59a96d8eef0e8ccd9c95a3c261ba45 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8487 x-amzn-requestid: 92381f1a-0140-47e9-a971-594a7de36c3c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BkEcBGizoAMFgOA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640b1ab3-1a54b65a5d7083e62dcb85ab;Sampled=0 x-amzn-remapped-date: Fri, 10 Mar 2023 11:55:31 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: Nn4eV-UeuWZ02ANOxzTUSgE4UODtaZxeIjp8UJfU8PgUny2shFaDjQ== via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google date: Sat, 11 Mar 2023 21:42:25 GMT age: 12679 etag: "79c7d22c8df6d305f46c5779ccb9f25169d4d111" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadb67293-98ca-46f9-9626-0fdc2b3607f1.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadb67293-98ca-46f9-9626-0fdc2b3607f1.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11575 bytes) Hash 3758d9695ad881041587efdf68c75cb6 234720cec03e5bca4269c85eff6e98cf83a68417 7a01c86ec4b12c13b3aff4d36abec7c81110af4b1d30c036ba83b19d6aa43f9f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadb67293-98ca-46f9-9626-0fdc2b3607f1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11575 x-amzn-requestid: 50efdf75-0e90-4442-823f-5d4d3b9b2c6e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BotK5FrXIAMFkIg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640cf578-12d61d395b5bf4bd0d21a737;Sampled=0 x-amzn-remapped-date: Sat, 11 Mar 2023 21:41:12 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: JnfdvK366uXy83DrdBGRb51HkX9Gwkmhu0_c_-W8B6uiucELJcja_Q== via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google date: Sat, 11 Mar 2023 21:57:01 GMT etag: "234720cec03e5bca4269c85eff6e98cf83a68417" content-type: image/jpeg age: 11803 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd79ce52-61f2-47b0-a88d-03f2fe3aa889.jpeg	34.120.237.76	200 OK	8.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd79ce52-61f2-47b0-a88d-03f2fe3aa889.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.8 kB (8845 bytes) Hash 2fd5c28821c8bf2d62d0c4332f06bd71 6e2c08457854437b2b851340277d31439e5ab470 86725a37e80a10c5b0b52a10e498225d97565752ec25303cb159a34386a49523 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd79ce52-61f2-47b0-a88d-03f2fe3aa889.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8845 x-amzn-requestid: b556bc0e-9cf5-4062-9df4-0ccee00cbab2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BoswFH5soAMF2SQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640cf4cd-0ba8e60549c78f9d3b720a20;Sampled=0 x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:21 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: NkwWf1xpGvLrLBG0HbYXV5VH69eG_pxwZtI2-Kp_pilWEmUywXihGQ== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ac463f3377446e4c603deca30feb744a.cloudfront.net (CloudFront), 1.1 google date: Sat, 11 Mar 2023 22:15:44 GMT etag: "6e2c08457854437b2b851340277d31439e5ab470" content-type: image/jpeg age: 10680 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (42)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type