Report - ap-southeast-2.actionstep.com/mym/asfw/workflow/document/preview/action_id/1724/instance_id/DL/file

Report Overview

Submitted URL
ap-southeast-2.actionstep.com/mym/asfw/workflow/document/preview/action_id/1724/instance_id/DL/file_id/118249
IP
13.238.250.3
ASN
#16509 AMAZON-02
Submitted
2023-01-26 23:10:42
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.82.246.186
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	2.0 kB	54.230.245.39
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.131
cdn.actionstep.com	781305	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	200 kB	54.230.111.67
go.actionstep.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.2 kB	89 kB	13.54.106.25
heapanalytics.com	27367	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	618 B	361 B	3.232.171.121
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ap-southeast-2.actionstep.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	524 B	383 B	3.105.77.143
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	21 kB	142.250.74.46
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	45 kB	142.250.74.168
ocsp.r2m02.amazontrust.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	54.230.80.227
update.studio3t.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	264 B	481 B	54.230.111.60
cdn.heapanalytics.com	3660	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	583 B	54.230.111.90

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-26 23:10:32	medium	54.230.111.60	Client IP	ET POLICY Executable served from Amazon S3
2023-01-26 23:10:32	high	54.230.111.60	Client IP	ET POLICY PE EXE or DLL Windows file download HTTP

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	go.actionstep.com/frontend/application/auth/login	1.4 kB	2023-03-13	2023-03-13
Pretty URL go.actionstep.com/frontend/application/auth/login IP 13.54.106.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:52:05 Last Seen2023-03-13 07:52:05 Times Seen1 Hash e7ea1a2618ffc778313cbee75b96f96b d41c1b6dfee6b782d247fa10aaca3f3e4a52e11b 600cc0855318fe3b87f3120e3a3996dfe149bec5d9d68f52306a476f71df288a Loading...

	cdn.heapanalytics.com/js/heap-4245481937.js	139 kB	2023-03-13	2023-03-13
Pretty URL cdn.heapanalytics.com/js/heap-4245481937.js IP 54.230.111.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:52:05 Last Seen2023-03-13 07:52:05 Times Seen1 Hash f4272b361eb2b8a560452ab5d5f7d548 dcd87199167b60bc0abdaf0df897b561a46d6e85 2d79f682293d14869c9a30d9d8c03dbb4ef9b0fe8652ab341a3f0f9002d3eff8 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	ap-southeast-2.actionstep.com/mym/asfw/workflow/document/preview/action_id/1724/instance_id/DL/file_id/118249	108 B	2023-03-13	2023-03-13
Pretty URL ap-southeast-2.actionstep.com/mym/asfw/workflow/document/preview/action_id/1724/instance_id/DL/file_id/118249 IP 3.105.77.143 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:52:05 Last Seen2023-03-13 07:52:05 Times Seen1 Hash 2b90c5a1337ffdea520ca3025f9d8c2b 4ae042b67de0f84a81b4c2b9a1850a88f459d847 338d9774412629095e0d2edf25ef15c19ce80724f28b25ea7cf4f90a8993fd4f Loading...

	go.actionstep.com/dist/frontend/library/ActionStep/BrowserTests.js?291816	7.2 kB	2023-03-13	2023-03-13
Pretty URL go.actionstep.com/dist/frontend/library/ActionStep/BrowserTests.js?291816 IP 13.54.106.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:52:05 Last Seen2023-03-13 07:52:05 Times Seen1 Hash f4f6406acf8c92f3e0c800fdfc696d7d bae42142378d26a2c9b304ea3db253dcb8cd089f 60a97e71aa1ec3f790e122e315737b9e86381866667bbfcb33a675c726182a3e Loading...

	go.actionstep.com/dist/frontend/application/layout/Form.js?291816	4.2 kB	2023-03-13	2023-03-13
Pretty URL go.actionstep.com/dist/frontend/application/layout/Form.js?291816 IP 13.54.106.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:52:05 Last Seen2023-03-13 07:52:05 Times Seen1 Hash b5a9b69291e577629455e84c52353eb1 ccadd7dc900775699afcef5725417a1619e66630 9ffc843af313a8075c361d5af7b30988a4c898148b74cebe7ae717f66471b9b2 Loading...

	go.actionstep.com/frontend/application/auth/login	182 B	2023-03-13	2023-03-13
Pretty URL go.actionstep.com/frontend/application/auth/login IP 13.54.106.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:52:05 Last Seen2023-03-13 07:52:05 Times Seen1 Hash 100479423de5839f59ea0efed0ce3840 bdc74ef27ae9a14c946354d81bed49d5e0610dd3 04c3f5ad4b1ad6c03f7c79bbd5a890c64638b2bfebbb94b437d0854ad3f5c560 Loading...

	www.googletagmanager.com/gtag/js?id=UA-24288898-1	113 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-24288898-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:52:05 Last Seen2023-03-13 07:52:05 Times Seen1 Hash 42aeaa8a0f503a9cadf4910f26102357 9df5898b1e41628bf620b88aad8e9259d4e253db 6611dbae5625a53b3bc41a7cfc1c84e2edaeb0b7337d4ec5a963edf255438948 Loading...

	go.actionstep.com/dist/frontend/library/jQuery/jquery.js?022232	101 kB	2023-03-13	2023-03-13
Pretty URL go.actionstep.com/dist/frontend/library/jQuery/jquery.js?022232 IP 13.54.106.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:52:05 Last Seen2023-03-13 07:52:05 Times Seen1 Hash 67139d5be668095c856a2c17f917a53d e2b4061796a43a8023c06523d517b15a2b67dee7 af5cb728c5853f16976622aa0b64e5c179e566239e29099a79f228c23b11ef28 Loading...

	go.actionstep.com/dist/frontend/library/jQuery/jquery-ui.js?291816	139 kB	2023-03-13	2023-03-13
Pretty URL go.actionstep.com/dist/frontend/library/jQuery/jquery-ui.js?291816 IP 13.54.106.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:52:05 Last Seen2023-03-13 07:52:05 Times Seen1 Hash f37ddabcbd968dc97c8b0d6a13b57afd fd1ce0f2ffd26dbeaeb469b344a44bff4c694b1a fa43ad86712148b9a73f1b753bea516ac38ef911c46e3e8b69daf29aae5e1fbd Loading...

	go.actionstep.com/dist/frontend/application/modules/application/auth/Login.js?291816	1.4 kB	2023-03-13	2023-03-13
Pretty URL go.actionstep.com/dist/frontend/application/modules/application/auth/Login.js?291816 IP 13.54.106.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:52:05 Last Seen2023-03-13 07:52:05 Times Seen1 Hash 917e53e4bfa3d858db6841ebf08d725a 639f6f4790faba1703020806fb8f0670f768b9d9 b9bded28c0148450bfa508da29f406662041dd119c6cdd0232ce8ec99f68bc50 Loading...

	go.actionstep.com/frontend/application/auth/login	44 B	2023-03-13	2023-03-13
Pretty URL go.actionstep.com/frontend/application/auth/login IP 13.54.106.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:52:05 Last Seen2023-03-13 07:52:05 Times Seen1 Hash 9b4f66918315c31a08c808c035c1d816 8c6633f67ec14fd32b64007c48b221ee0259211d 2a9267a3f5e1a556772cd67b3ebcc09d55558e79218f5b0f833fdf0f19aafb6c Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PFX9RJR	124 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PFX9RJR IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:52:05 Last Seen2023-03-13 07:52:05 Times Seen1 Hash a6dc141e0379af25d67f5718f6654d4c 8821f7d40a482e70c0dcbc826e94d1f3071c31f9 0b5576639e7149c5bee2a2e9599317068fbb50d251529b6ea993f52d7f4a18ab Loading...

	go.actionstep.com/dist/frontend/application/layout/Layout.js?122212	2.5 kB	2023-03-13	2023-03-13
Pretty URL go.actionstep.com/dist/frontend/application/layout/Layout.js?122212 IP 13.54.106.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:52:05 Last Seen2023-03-13 07:52:05 Times Seen1 Hash 5eea71137450edb972fe769de57e927d 13183dba776e188cfa1f893269a6408ade37392e 27da9a7e1663a850d30bedb3d69ae30cf5db4a999368c85e7e5be397d76b712f Loading...

	go.actionstep.com/dist/frontend/library/jQuery/plugins/jquery.cookie.js?291816	1.6 kB	2023-03-07	2024-04-19
Pretty URL go.actionstep.com/dist/frontend/library/jQuery/plugins/jquery.cookie.js?291816 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:09:43 Last Seen2024-04-19 07:10:17 Times Seen148 Hash be7df79517cbc68fb017b0b80e5d76be f0a3b6fe3c9c7704266957f1ea729e2d2964ff1a 47c75a635e3e39fcfa01365d1b2201b5d497201ebb59274f76a04c7ff5bc4496 Loading...

	go.actionstep.com/frontend/application/auth/login	389 B	2023-03-13	2023-03-13
Pretty URL go.actionstep.com/frontend/application/auth/login IP 13.54.106.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:52:05 Last Seen2023-03-13 07:52:05 Times Seen1 Hash 737c3b6874a05f89b48eb08295a91ea2 5bac3a9df5f6d8649b2e6fc1b0fd618f6ed4433e 62cd10237cec3eb1c6fe3c2c23f02a85430dd43592ce98360bea7a6fd45fe749 Loading...

HTTP Transactions (48)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10978
Expires: Fri, 27 Jan 2023 02:13:30 GMT
Date: Thu, 26 Jan 2023 23:10:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5892
Expires: Fri, 27 Jan 2023 00:48:44 GMT
Date: Thu, 26 Jan 2023 23:10:32 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 22:42:56 GMT
content-type: application/json
age: 1656
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12028
Expires: Fri, 27 Jan 2023 02:31:00 GMT
Date: Thu, 26 Jan 2023 23:10:32 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: gbiLOX8cFd0rjr3bzk3zfBw8fXDL+5+QLvIX9XPmy5rwtvHLoDHL96ZIAG0blgSC3+n0nLXGiA4=
x-amz-request-id: 743ZSMNKQKW1TTEQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 22:20:17 GMT
age: 3015
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:10:32 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 22:41:40 GMT
age: 1732
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14876
Expires: Fri, 27 Jan 2023 03:18:28 GMT
Date: Thu, 26 Jan 2023 23:10:32 GMT
Connection: keep-alive

push.services.mozilla.com/

35.82.246.186

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.82.246.186:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7TAsKh+XtZYBbgXphGs09A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vxbYIE3ly3J7PcquSlDpurAyZ9k=

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
07161a64d4a2117ba22df2c9eff3c2bf
683b99d7add157e6cf91e92d270123f4ad69094f
5028a9bd4b1e243f8ce212ce4f3bd0b39a1a5fcddc4853d4ae91e22c16c1b78d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 23:10:33 GMT
Etag: "63d0c413-1d7"
Last-Modified: Thu, 26 Jan 2023 22:40:17 GMT
Server: ECS (dcb/7EEF)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8MWTLUax8Wuc07byUdlVi-P9cyrBhndcGZhVTeZ6Ojw728xNvNj23w==
Age: 1816

ap-southeast-2.actionstep.com/mym/asfw/workflow/document/preview/action_id/1724/instance_id/DL/file_id/118249

3.105.77.143

200 OK

133 B

URL HTTP/1.1
ap-southeast-2.actionstep.com/mym/asfw/workflow/document/preview/action_id/1724/instance_id/DL/file_id/118249
IP
3.105.77.143:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text
Size
133 B (133 bytes)
Hash
6e6a91cb6196a05dfa304ca27a6abbe7
9afaa4ba332a8be647e44a61ab541cd00e3f7614
2f9f7b4bc3e18ed5a98f5c4f5efccfff371864d04e0b0b0a8a5c721ad8cfee87

HTTP Headers

GET /mym/asfw/workflow/document/preview/action_id/1724/instance_id/DL/file_id/118249 HTTP/1.1
Host: ap-southeast-2.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 23:10:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3520
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 23:10:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3520
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 23:10:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3520
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 23:10:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3520
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 23:10:34 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8065 bytes)
Hash
262b43386e404cb3d320c47c4cf792c1
87f304f8583fe6b6e942a9dbcb5efb5ee94987f2
ca0f72005920b2b2f49c387314540f3cd2f3d7808f0365dfb1c491500e8a8714

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8065
x-amzn-requestid: 4a4a6d4c-9c4b-418d-be96-8a0d1de4828a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYVuHZsoAMFmWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0757-74c21aa22d11c4240019a4b3;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TXXkkbJHyvwrly_-5FH0EIkRm4EwlDJxGWBHcbwax2H_ccfMfs-5PQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:47:08 GMT
age: 5006
etag: "87f304f8583fe6b6e942a9dbcb5efb5ee94987f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47dfbf8f-d762-4550-83d7-2992a8c8fe66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12508 bytes)
Hash
bad60daf652c598a06510ff955137b69
235bf4642e726bb6a303fe1b69238e2e973414cb
d655c5ac17274a30a89c31674e14dc9c1b6bc39bfff94db1c9ff0d8006bb673b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47dfbf8f-d762-4550-83d7-2992a8c8fe66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12508
x-amzn-requestid: 68787c38-72fe-4d8a-9521-aeb9efa56b05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYWyGIHoAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca075e-1ee9488d2dd0437728beac94;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2RZzMCqjRpKbm-g_6vAq1YV4LQ5RAB9HrkKCQx_ah4C6PnAzHZpKCg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 18:49:04 GMT
age: 15690
etag: "235bf4642e726bb6a303fe1b69238e2e973414cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7573 bytes)
Hash
7364957de1b4c82a923bd947f0cce750
d8aa55b64a65757e043b4b1b63efd93c8261d275
f1f7059968d08adfa1c775c906ecb6e5b752210af0bcdcebfa77c2ba6f15bbf4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: 2946b91b-1d7e-4eba-966d-600ae368cd3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzVxGw1oAMF-xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce328b-04037751257e13ca156eee8d;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4TidB2H164ziAxKhEORFw4BBF0FB2pkkwNq3iMQfS4t7yObXCA59Pw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 08:40:53 GMT
age: 52181
etag: "d8aa55b64a65757e043b4b1b63efd93c8261d275"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52a1f3b3-38ab-4f58-ad1a-ca4c9f82503e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6394 bytes)
Hash
1695371c247eedad65b4cac82f01215d
50510052f0e22e23f747c761d57cdf72910ac533
aadde426229f04f6a489b87d6949a485b19d4fd035cb244b6094549efc08013f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52a1f3b3-38ab-4f58-ad1a-ca4c9f82503e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6394
x-amzn-requestid: 859587bc-081f-4092-8fed-40e3f2bc8ee4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOjE6FJNIAMFz6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf4bb8-28848a07545a0e557f1250b1;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 03:08:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KIQ-V8uU0HwYAPEfXMUw7T2IYlStHuZ0mwWdVFUNf46i6ugVGZm-Bw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 11:50:55 GMT
age: 40779
etag: "50510052f0e22e23f747c761d57cdf72910ac533"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5623b111-3a93-4843-8a40-550089a3d3eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7804 bytes)
Hash
a5de6b54196befa95e9291a051c645d0
e3100707a4e9b1d5c30223d31f58cd6ee8ad010b
5bcc3dd7011df4e17d7ef86d892fedeca14b0d0eabbe782fecf35c9a82b25e40

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5623b111-3a93-4843-8a40-550089a3d3eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7804
x-amzn-requestid: 4cd6ed50-202c-4e57-94db-cc6585dca5b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLQWuH20oAMFxzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfa91-05441777646d154650c97512;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:10:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D6nD7sD6FQavjUir9rxJlh9U2reSno5qNQ0qQdG4iS6hscVfSHdBCQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 22:01:13 GMT
age: 4161
etag: "e3100707a4e9b1d5c30223d31f58cd6ee8ad010b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5008
Expires: Fri, 27 Jan 2023 00:34:02 GMT
Date: Thu, 26 Jan 2023 23:10:34 GMT
Connection: keep-alive

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11568 bytes)
Hash
b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 23:01:22 GMT
age: 553
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:10:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-24288898-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-24288898-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
44 kB (44013 bytes)
Hash
357c2f0e4f7b869223dc33c746aecd96
2480d291ad4389fcbcf924339ab17b8ae1c88081
281d644bed18627ecf9410f844030d148b50ff1dc0bd6359493308283faff370

HTTP Headers

GET /gtag/js?id=UA-24288898-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Jan 2023 23:10:35 GMT
expires: Thu, 26 Jan 2023 23:10:35 GMT
cache-control: private, max-age=900
last-modified: Thu, 26 Jan 2023 22:38:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44013
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:10:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
a241c8cbc1cc373a92e2cea1b4636e2d
febc75ed6757e56edd3d6f79aabac39dcab4173b
7fcc10c950cd9ef30b2229d68237803e2edebee2e6e8eccd01aa3d2ab082156d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164321
Date: Thu, 26 Jan 2023 23:10:35 GMT
Etag: "63d2e74c-1d7"
Expires: Sat, 28 Jan 2023 20:49:16 GMT
Last-Modified: Thu, 26 Jan 2023 20:49:16 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zBkPHPsGUEFAg7x-k8Ki_VZi1CVxwBwNNOtsVkOU76tK8xVdOB464w==

cdn.actionstep.com/fonts/inter/inter.css

54.230.111.67

200 OK

5.1 kB

URL HTTP/1.1
cdn.actionstep.com/fonts/inter/inter.css
IP
54.230.111.67:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
5.1 kB (5092 bytes)
Hash
211ad8217f6c3e79d73a1db729ea884d
7ca3bf21a5d8d07d9fb5f55db453653cc0483336
ccbbef2fab88c9873154bd50ae7a4ce4b2df53ddfcfca4c72a36b9d5b70163fd

HTTP Headers

GET /fonts/inter/inter.css HTTP/1.1
Host: cdn.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/
Cookie: stz=UTC; st=a4arhm6noqup7jkuf1gkqtgii6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5092
Connection: keep-alive
x-amz-id-2: PvHE9Mw4HE9B0ESxYbKYAmnDytlFX2S49T0Bh577tUxc6n4Fey0VWCUHk4oyjId4iH5unHbvEJM=
x-amz-request-id: RRM1YQXRQE2MP2ZP
Last-Modified: Mon, 14 Oct 2019 01:05:17 GMT
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 26 Jan 2023 07:42:49 GMT
ETag: "211ad8217f6c3e79d73a1db729ea884d"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QyNWbnlmZLZ6H7Y6BQK5635EAWeLKrizwnzAKcL60eQJVnkMLzQLAg==
Age: 55667

cdn.actionstep.com/fonts/inter/Inter-Regular.woff2

54.230.111.67

200 OK

93 kB

URL HTTP/1.1
cdn.actionstep.com/fonts/inter/Inter-Regular.woff2
IP
54.230.111.67:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 92704, version 1.0\012- data
Size
93 kB (92704 bytes)
Hash
18e83d6dfd14797c8ec0cb4ce904f233
38ee3b323ff3d8a9b6bc15799bbb59092b808dd5
cd16ee19054fa3f6eeb658d378b259f816b5089585ce6061aa59692c51f12609

HTTP Headers

GET /fonts/inter/Inter-Regular.woff2 HTTP/1.1
Host: cdn.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.actionstep.com
Connection: keep-alive
Referer: https://cdn.actionstep.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Type: binary/octet-stream
Content-Length: 92704
Connection: keep-alive
x-amz-id-2: bZFffRDc4lMeWQC3DJM0oL4NheDfayFrCu3gtfFWZuNjZkgM3+C+2fYUUpb63goxkr0/SRwxmmo=
x-amz-request-id: 3WH0WDCXVVHRB95M
Date: Thu, 26 Jan 2023 07:15:20 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, DELETE, PUT, POST
Last-Modified: Mon, 14 Oct 2019 01:05:16 GMT
ETag: "18e83d6dfd14797c8ec0cb4ce904f233"
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: o04fWvI3NUN8JFgZWz5uscuMVT5bzBzFDS_cw2jThspGT40L1ABlwA==
Age: 57317

go.actionstep.com/dist/frontend/library/jQuery/jquery.js?022232

13.54.106.25

200 OK

82 kB

URL HTTP/2
go.actionstep.com/dist/frontend/library/jQuery/jquery.js?022232
IP
13.54.106.25:0
ASN
#16509 AMAZON-02

File type
data
Size
82 kB (82027 bytes)
Hash
fb8ac18c8436dd8c1b796b90edc3708b
cfd424f28d23e2c5951b22f9f8873b4247b979f6
c3d84734f5ddcaabca9c6c9b8e6e817da136961f08d30c224c6597fa2ffc02e7

HTTP Headers

GET /dist/frontend/library/jQuery/jquery.js?022232 HTTP/1.1
Host: go.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/frontend/application/auth/login
Cookie: stz=UTC; st=a4arhm6noqup7jkuf1gkqtgii6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:10:35 GMT
content-type: application/javascript; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.actionstep.com/fonts/inter/Inter-Medium.woff2

54.230.111.67

200 OK

100 kB

URL HTTP/1.1
cdn.actionstep.com/fonts/inter/Inter-Medium.woff2
IP
54.230.111.67:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 99608, version 1.0\012- data
Size
100 kB (99608 bytes)
Hash
c6fde2a92fa6723f27876d1398672e99
93738b8032e074dc1cdace9463aae88ab6640214
4e4e25bc89262626ef0b81ddb9284594b25589fd52940013965ce2e1ea327ac2

HTTP Headers

GET /fonts/inter/Inter-Medium.woff2 HTTP/1.1
Host: cdn.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.actionstep.com
Connection: keep-alive
Referer: https://cdn.actionstep.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Type: binary/octet-stream
Content-Length: 99608
Connection: keep-alive
x-amz-id-2: fDRPoIkCxYxvbDBI/n7vP0Hwnv6YRQOUC8JPCbyHT64ERlIX4CswS8/ZRel6wcbGtiA04CXj9RU=
x-amz-request-id: MECH0S689Q9KJY43
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, DELETE, PUT, POST
Last-Modified: Mon, 14 Oct 2019 01:05:15 GMT
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 26 Jan 2023 07:15:20 GMT
ETag: "c6fde2a92fa6723f27876d1398672e99"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xXitHm-zmKjWOjJwjtJjah9REOqj0T3s0Fg92neBGcjVDY_IOsYh0w==
Age: 57318

go.actionstep.com/dist/frontend/application/layout/v2/sass/print.css

13.54.106.25

200 OK

1.4 kB

URL HTTP/2
go.actionstep.com/dist/frontend/application/layout/v2/sass/print.css
IP
13.54.106.25:0
ASN
#16509 AMAZON-02

File type
data
Size
1.4 kB (1422 bytes)
Hash
d0cf6cbdc31df2f9bc14ad7d990ad601
df7149789ff78f148f3b5f5ac43e3915521f8265
5cb9bef6842b06976694f6e93a62f2baf23e5a4a82c5ac5fc6c26ed32897eaf5

HTTP Headers

GET /dist/frontend/application/layout/v2/sass/print.css HTTP/1.1
Host: go.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/frontend/application/auth/login
Cookie: stz=UTC; st=a4arhm6noqup7jkuf1gkqtgii6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:10:37 GMT
content-type: text/css; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
143966026bdef2a1e6ac064c84d36a87
d88e78bfb4468239258e42416a911476c96a157c
39a4cc58cad26727796b69d07147ea9afaa91864ebbf172f6392904f5b84e2cc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113185
Date: Thu, 26 Jan 2023 23:10:37 GMT
Etag: "63d20ff4-1d7"
Expires: Sat, 28 Jan 2023 06:37:02 GMT
Last-Modified: Thu, 26 Jan 2023 05:30:28 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: adQJ7gjtSVB-Lr60V4G2N3ZDtUkNdA3-3nVmbOO1A3ZSmJLEtD_f1A==
Age: 3994

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 26 Jan 2023 21:45:20 GMT
expires: Thu, 26 Jan 2023 23:45:20 GMT
cache-control: public, max-age=7200
age: 5117
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

heapanalytics.com/h?a=4245481937&u=8208181329871107&v=3575441478481346&s=4276779838229084&b=web&tv=4.0&z=0&h=%2Ffrontend%2Fapplication%2Fauth%2Flogin&d=go.actionstep.com&t=Login&r=https%3A%2F%2Fap-southeast-2.actionstep.com%2F&ts=1674774636964&st=1674774636968

3.232.171.121

200 OK

37 B

URL HTTP/2
heapanalytics.com/h?a=4245481937&u=8208181329871107&v=3575441478481346&s=4276779838229084&b=web&tv=4.0&z=0&h=%2Ffrontend%2Fapplication%2Fauth%2Flogin&d=go.actionstep.com&t=Login&r=https%3A%2F%2Fap-southeast-2.actionstep.com%2F&ts=1674774636964&st=1674774636968
IP
3.232.171.121:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
37 B (37 bytes)
Hash
3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

HTTP Headers

GET /h?a=4245481937&u=8208181329871107&v=3575441478481346&s=4276779838229084&b=web&tv=4.0&z=0&h=%2Ffrontend%2Fapplication%2Fauth%2Flogin&d=go.actionstep.com&t=Login&r=https%3A%2F%2Fap-southeast-2.actionstep.com%2F&ts=1674774636964&st=1674774636968 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:10:37 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

go.actionstep.com/frontend/application/auth/login

13.54.106.25

200 OK

0 B

URL HTTP/2
go.actionstep.com/frontend/application/auth/login
IP
13.54.106.25:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /frontend/application/auth/login HTTP/1.1
Host: go.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap-southeast-2.actionstep.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:10:35 GMT
content-type: text/html; charset=UTF-8
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.microsoft.com https://*.actionstep.com https://*.officeapps.live.com https://*.office.com https://*.office365.com https://*.sharepoint.com https://*.affinipay.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' data: *.affinipay.com *.google-analytics.com *.licdn.com *.hotjar.com *.hs-scripts.com *.hs-banner.com *.facebook.net *.herokuapp.com https://fullstory.com *.fullstory.com *.hsforms.com *.usemessages.com *.adsymptotic.com *.intercomcdn.com *.hotjar.io *.hubapi.com *.ubembed.com *.intercom.io *.facebook.com *.hscollectedforms.net *.hs-analytics.net *.hubspot.com *.linkedin.com *.hsadspixel.net *.heapanalytics.com https://heapanalytics.com *.googletagmanager.com *.googleapis.com ajax.googleapis.com *.doubleclick.net *.googleadservices.com *.twitter.com t.co www.google.com *.google.co.nz *.gstatic.com apis.google.com cdn.actionstep.com ct.capterra.com
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: stz=UTC; path=/; SameSite=None; domain=.actionstep.com; secure
st=a4arhm6noqup7jkuf1gkqtgii6; path=/; SameSite=None; domain=.actionstep.com; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

go.actionstep.com/dist/frontend/application/layout/v2/as-main.css?291816

13.54.106.25

200 OK

0 B

URL HTTP/2
go.actionstep.com/dist/frontend/application/layout/v2/as-main.css?291816
IP
13.54.106.25:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/frontend/application/layout/v2/as-main.css?291816 HTTP/1.1
Host: go.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/frontend/application/auth/login
Cookie: stz=UTC; st=a4arhm6noqup7jkuf1gkqtgii6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:10:35 GMT
content-type: text/css; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
X-Firefox-Spdy: h2

go.actionstep.com/dist/frontend/application/modules/application/auth/Login.js?291816

13.54.106.25

200 OK

0 B

URL HTTP/2
go.actionstep.com/dist/frontend/application/modules/application/auth/Login.js?291816
IP
13.54.106.25:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/frontend/application/modules/application/auth/Login.js?291816 HTTP/1.1
Host: go.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/frontend/application/auth/login
Cookie: stz=UTC; st=a4arhm6noqup7jkuf1gkqtgii6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:10:35 GMT
content-type: application/javascript; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
X-Firefox-Spdy: h2

go.actionstep.com/dist/frontend/application/layout/Form.js?291816

13.54.106.25

200 OK

0 B

URL HTTP/2
go.actionstep.com/dist/frontend/application/layout/Form.js?291816
IP
13.54.106.25:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/frontend/application/layout/Form.js?291816 HTTP/1.1
Host: go.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/frontend/application/auth/login
Cookie: stz=UTC; st=a4arhm6noqup7jkuf1gkqtgii6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:10:35 GMT
content-type: application/javascript; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
X-Firefox-Spdy: h2

go.actionstep.com/dist/frontend/library/jQuery/jquery-ui.js?291816

13.54.106.25

200 OK

0 B

URL HTTP/2
go.actionstep.com/dist/frontend/library/jQuery/jquery-ui.js?291816
IP
13.54.106.25:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/frontend/library/jQuery/jquery-ui.js?291816 HTTP/1.1
Host: go.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/frontend/application/auth/login
Cookie: stz=UTC; st=a4arhm6noqup7jkuf1gkqtgii6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:10:35 GMT
content-type: application/javascript; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
X-Firefox-Spdy: h2

go.actionstep.com/dist/frontend/application/layout/v2/svg/btn_microsoft_logo.svg

13.54.106.25

200 OK

0 B

URL HTTP/2
go.actionstep.com/dist/frontend/application/layout/v2/svg/btn_microsoft_logo.svg
IP
13.54.106.25:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/frontend/application/layout/v2/svg/btn_microsoft_logo.svg HTTP/1.1
Host: go.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/dist/frontend/application/layout/Layout-Login.css?291816
Cookie: stz=UTC; st=a4arhm6noqup7jkuf1gkqtgii6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:10:37 GMT
content-type: image/svg+xml
server: nginx
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
X-Firefox-Spdy: h2

update.studio3t.com/win-x64/studio-3t-x64.exe

54.230.111.60

200 OK

0 B

URL HTTP/1.1
update.studio3t.com/win-x64/studio-3t-x64.exe
IP
54.230.111.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

NIDS	Severity	Alert
suricata	medium	ET POLICY Executable served from Amazon S3
suricata	high	ET POLICY PE EXE or DLL Windows file download HTTP

HTTP Headers

GET /win-x64/studio-3t-x64.exe HTTP/1.1
Host: update.studio3t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 224923656
Connection: keep-alive
Date: Thu, 26 Jan 2023 23:09:19 GMT
Last-Modified: Wed, 07 Dec 2022 15:07:21 GMT
ETag: "dd2a5f0cc73b88a603ced6d740309f86-27"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Eqcvm4Z0DnbwtQfc7-1fKwMr1wlrpZ3_3jlGxwGVdkxtYk9nV_Mlng==
Age: 75

go.actionstep.com/dist/frontend/library/ActionStep/BrowserTests.js?291816

13.54.106.25

200 OK

0 B

URL HTTP/2
go.actionstep.com/dist/frontend/library/ActionStep/BrowserTests.js?291816
IP
13.54.106.25:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/frontend/library/ActionStep/BrowserTests.js?291816 HTTP/1.1
Host: go.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/frontend/application/auth/login
Cookie: stz=UTC; st=a4arhm6noqup7jkuf1gkqtgii6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:10:35 GMT
content-type: application/javascript; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.heapanalytics.com/js/heap-4245481937.js

54.230.111.90

200 OK

0 B

URL HTTP/2
cdn.heapanalytics.com/js/heap-4245481937.js
IP
54.230.111.90:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/heap-4245481937.js HTTP/1.1
Host: cdn.heapanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 26 Jan 2023 23:10:21 GMT
server: nginx
x-powered-by: Express
etag: W/"21f2a-9CcrNh6yuKVgRSq11ffVSA"
cache-control: public, max-age=120
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: zDeM7Yje7kpfo859P2F3McDyPuBRSMHnJsV0e7liyIbOOf685jLXVA==
age: 15
X-Firefox-Spdy: h2

go.actionstep.com/dist/frontend/application/layout/v2/svg/btn_google_logo.svg

13.54.106.25

200 OK

0 B

URL HTTP/2
go.actionstep.com/dist/frontend/application/layout/v2/svg/btn_google_logo.svg
IP
13.54.106.25:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/frontend/application/layout/v2/svg/btn_google_logo.svg HTTP/1.1
Host: go.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/dist/frontend/application/layout/Layout-Login.css?291816
Cookie: stz=UTC; st=a4arhm6noqup7jkuf1gkqtgii6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:10:37 GMT
content-type: image/svg+xml
server: nginx
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
X-Firefox-Spdy: h2

go.actionstep.com/dist/frontend/application/layout/v2/svg/as-logo.svg

13.54.106.25

200 OK

0 B

URL HTTP/2
go.actionstep.com/dist/frontend/application/layout/v2/svg/as-logo.svg
IP
13.54.106.25:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/frontend/application/layout/v2/svg/as-logo.svg HTTP/1.1
Host: go.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/dist/frontend/application/layout/Layout-Login.css?291816
Cookie: stz=UTC; st=a4arhm6noqup7jkuf1gkqtgii6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:10:37 GMT
content-type: image/svg+xml
server: nginx
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
X-Firefox-Spdy: h2

go.actionstep.com/dist/frontend/application/layout/Layout-Login.css?291816

13.54.106.25

200 OK

0 B

URL HTTP/2
go.actionstep.com/dist/frontend/application/layout/Layout-Login.css?291816
IP
13.54.106.25:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/frontend/application/layout/Layout-Login.css?291816 HTTP/1.1
Host: go.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/frontend/application/auth/login
Cookie: stz=UTC; st=a4arhm6noqup7jkuf1gkqtgii6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:10:35 GMT
content-type: text/css; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
X-Firefox-Spdy: h2

go.actionstep.com/dist/frontend/library/jQuery/jquery-ui.css?291816

13.54.106.25

200 OK

0 B

URL HTTP/2
go.actionstep.com/dist/frontend/library/jQuery/jquery-ui.css?291816
IP
13.54.106.25:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/frontend/library/jQuery/jquery-ui.css?291816 HTTP/1.1
Host: go.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/frontend/application/auth/login
Cookie: stz=UTC; st=a4arhm6noqup7jkuf1gkqtgii6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:10:35 GMT
content-type: text/css; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
X-Firefox-Spdy: h2

go.actionstep.com/dist/frontend/application/layout/Layout.js?122212

13.54.106.25

200 OK

0 B

URL HTTP/2
go.actionstep.com/dist/frontend/application/layout/Layout.js?122212
IP
13.54.106.25:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/frontend/application/layout/Layout.js?122212 HTTP/1.1
Host: go.actionstep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.actionstep.com/frontend/application/auth/login
Cookie: stz=UTC; st=a4arhm6noqup7jkuf1gkqtgii6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:10:35 GMT
content-type: application/javascript; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML