ahdlgctz3.ml/IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw==
162.241.124.179200 OK 11 kB URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw==
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 858262e8dcd89959e2f2159d5089a19a
30619cd3796fe9926e59df3358e3895268a9471b
eeeb19f4597980113605e0cdc2de420ec015c82226528348c7972e5bf8e883ed
GET /IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw== HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6700
Expires: Wed, 30 Nov 2022 13:12:47 GMT
Date: Wed, 30 Nov 2022 11:21:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5352
Cache-Control: max-age=88756
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 11:21:07 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 12:00:23 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4580
Expires: Wed, 30 Nov 2022 12:37:27 GMT
Date: Wed, 30 Nov 2022 11:21:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 11:19:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 86
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: iaAC4KrLkvVIykMMt0zyxRK376lCDVTLQfvIvo+CXuh1XdvTZMbWYfIhVc7V1T1FI+BAmpGC18UnEpFjrIFbWg==
x-amz-request-id: KJHT9HHQB1KVJ3Y6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 10:45:50 GMT
age: 2117
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 11:21:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/css/bootstrap-theme.css
162.241.124.179200 OK 26 kB URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/css/bootstrap-theme.css
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (576), with CRLF line terminators
Hash 4ab74839c0e6e04aaded2cc455884969
9ace676019ff57fae5704585c6e6756f783613f1
384efd3352ce7d1af2b2499f853b78fdaeffc2e0d2e9cc88d8ade0f21101e278
GET /IN.gov-secure/uplink/app/assets/css/bootstrap-theme.css HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ahdlgctz3.ml/IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw==
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:06 GMT
Server: Apache
Last-Modified: Mon, 15 Mar 2021 21:41:30 GMT
Accept-Ranges: bytes
Content-Length: 26517
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/css/dwd_ui_new_logon.css
162.241.124.179200 OK 8.8 kB URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/css/dwd_ui_new_logon.css
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 8e74c07b1004841b44cde0ed786d18f8
0360710e26689adc70614cb44dcf31ff72bd6914
75e091bf479bf068ca110648a5bf1a547c3937034136c6df9b0c7a6b756bd0ee
GET /IN.gov-secure/uplink/app/assets/css/dwd_ui_new_logon.css HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ahdlgctz3.ml/IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw==
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:06 GMT
Server: Apache
Last-Modified: Mon, 15 Mar 2021 21:43:50 GMT
Accept-Ranges: bytes
Content-Length: 8819
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/js/index.js
162.241.124.179200 OK 833 B URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/js/index.js
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 38b091250110299ca8c89c4a708b8505
b8ce8e505bcd8b2436dc02e1a4c6e7589da245d5
8c244e0969259ca2551354e74c8b4e03765d5c904bdebde9f76d04339ecf4be1
Analyzer Verdict Alert fortinet Phishing
GET /IN.gov-secure/uplink/app/assets/js/index.js HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ahdlgctz3.ml/IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw==
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:06 GMT
Server: Apache
Last-Modified: Mon, 15 Mar 2021 22:00:10 GMT
Accept-Ranges: bytes
Content-Length: 833
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/css/datepicker.css
162.241.124.179200 OK 18 kB URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/css/datepicker.css
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1046), with CRLF line terminators
Hash 86a2f2b974c92dafef706b1c728b4f64
69d6b5bc4c2f025db83ad22e7a5fd0f79b808c01
0b4bdffe61a61e13eeebd6f6cf26d94d32ffdc1a903be5a06f964da4f48d252c
GET /IN.gov-secure/uplink/app/assets/css/datepicker.css HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ahdlgctz3.ml/IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw==
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:06 GMT
Server: Apache
Last-Modified: Mon, 15 Mar 2021 21:41:40 GMT
Accept-Ranges: bytes
Content-Length: 17822
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/css/dwd_ui_2.css
162.241.124.179200 OK 15 kB URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/css/dwd_ui_2.css
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
File type assembler source, ASCII text, with CRLF line terminators
Hash 613fc0f82d36edba28426a347e9daef2
509c9064e0dba15f3699b90558005783d83e3e92
a480de0a4936506d2214e1df18af771a9f55dd9b783f5fffaeb82a43ae8ae4c0
GET /IN.gov-secure/uplink/app/assets/css/dwd_ui_2.css HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ahdlgctz3.ml/IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw==
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:06 GMT
Server: Apache
Last-Modified: Mon, 15 Mar 2021 21:41:50 GMT
Accept-Ranges: bytes
Content-Length: 14699
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 11:08:56 GMT
cache-control: public,max-age=3600
age: 732
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/css/bootstrap.css
162.241.124.179200 OK 157 kB URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/css/bootstrap.css
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (540), with CRLF line terminators
Size 157 kB (156884 bytes)
Hash 1433c311764f1942176c98a8f22e6a37
a79e71135e98945c450078c3696bbb2ead5775ad
c38543754f7f4032641a203495c57ad9938b4b9acf96e916a7b2f91dc366a3e6
GET /IN.gov-secure/uplink/app/assets/css/bootstrap.css HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ahdlgctz3.ml/IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw==
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:06 GMT
Server: Apache
Last-Modified: Mon, 15 Mar 2021 21:42:40 GMT
Accept-Ranges: bytes
Content-Length: 156884
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/workone_logo.png
162.241.124.179200 OK 1.5 kB URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/workone_logo.png
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 112 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 6528af31bb4992701acfc5869667e31c
06fe266fc7ada3a775c69fd5c8903dafaf9d5b92
fc4889186113664ddba1a1289bfd7417da8d1a5a29196a5df5826452cd6a139a
GET /IN.gov-secure/uplink/app/assets/img/workone_logo.png HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ahdlgctz3.ml/IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw==
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:07 GMT
Server: Apache
Last-Modified: Mon, 15 Mar 2021 21:42:12 GMT
Accept-Ranges: bytes
Content-Length: 1517
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/WO_sm2.png
162.241.124.179200 OK 4.0 kB URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/WO_sm2.png
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 112 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 0c0442aefdb390d9f38c8a8ea533fce3
1e9a21999b0c9f08aa5680f6dfd965fc98f36bbd
02d752941b8287dbaffea39c3e85ede4fdd290c94d28007c6290d3f750579c70
GET /IN.gov-secure/uplink/app/assets/img/WO_sm2.png HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ahdlgctz3.ml/IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw==
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:07 GMT
Server: Apache
Last-Modified: Mon, 15 Mar 2021 21:42:12 GMT
Accept-Ranges: bytes
Content-Length: 3958
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/dwd_logo_header.png
162.241.124.179200 OK 2.9 kB URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/dwd_logo_header.png
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 82 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash dbf59868fefded3644e8c4360b220bea
03238395bcd92bb32e08bc63cfb784184fa57afc
737583b7ef565d8ef3dac66402748b061252d53131b393f25d1a8ddace5c968b
GET /IN.gov-secure/uplink/app/assets/img/dwd_logo_header.png HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ahdlgctz3.ml/IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw==
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:07 GMT
Server: Apache
Last-Modified: Mon, 15 Mar 2021 21:42:10 GMT
Accept-Ranges: bytes
Content-Length: 2931
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/DWD_seal_sm2.png
162.241.124.179200 OK 5.3 kB URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/DWD_seal_sm2.png
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 55 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash 12421272009652dae9a1ec969feb6aa1
b33efce6fe4d573a977d7643cce8a5df43f3eee5
fe4996d9bc6553f63ff89bc7dab848b4d6251620a8bc70218c2f73a1a291326a
GET /IN.gov-secure/uplink/app/assets/img/DWD_seal_sm2.png HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ahdlgctz3.ml/IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw==
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:07 GMT
Server: Apache
Last-Modified: Mon, 15 Mar 2021 21:42:10 GMT
Accept-Ranges: bytes
Content-Length: 5312
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/DWD_sm2.png
162.241.124.179200 OK 7.1 kB URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/DWD_sm2.png
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 133 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 10eb78da6bdc3172afa9bf7f1bfea4c3
47c43720b9d39b964a06d6ecb712a4c3102edaf8
c67742e3f99c6c6e527d2b1e59adc5e9770ce1dd0de9b936e06bbc9803e9f454
GET /IN.gov-secure/uplink/app/assets/img/DWD_sm2.png HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ahdlgctz3.ml/IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw==
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:07 GMT
Server: Apache
Last-Modified: Mon, 15 Mar 2021 21:42:10 GMT
Accept-Ranges: bytes
Content-Length: 7140
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5353
Cache-Control: max-age=170096
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 11:21:08 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:36:04 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/top_banner_02-2.png
162.241.124.179200 OK 1.9 kB URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/top_banner_02-2.png
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 122 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 586ed0a08cc45497480d4b2d173fe238
33166e4a92913948e399e6d9a37e334f9caf24ce
be49d3c37d9a69304bc64f939549f1e23679538f8557f2e501c37aea9bc25efa
GET /IN.gov-secure/uplink/app/assets/img/top_banner_02-2.png HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ahdlgctz3.ml/IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw==
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:07 GMT
Server: Apache
Last-Modified: Mon, 15 Mar 2021 21:42:12 GMT
Accept-Ranges: bytes
Content-Length: 1881
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/Get_Adobe_Acrobat_Reader_icon.png
162.241.124.179200 OK 61 kB URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/Get_Adobe_Acrobat_Reader_icon.png
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 158 x 39, 8-bit/color RGBA, non-interlaced\012- data
Hash 030155fb903e3526ae4d460f131eab65
850544184938bc2fb1ad57b807205e3ac654d0a2
e9d799f426b22004c33e534cf0a63f1236f1a3c18a941e899ddcfabdddf8c846
GET /IN.gov-secure/uplink/app/assets/img/Get_Adobe_Acrobat_Reader_icon.png HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ahdlgctz3.ml/IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw==
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:07 GMT
Server: Apache
Last-Modified: Mon, 15 Mar 2021 21:42:10 GMT
Accept-Ranges: bytes
Content-Length: 61022
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/font/glyphicons-halflings-regular.ttf
162.241.124.179200 OK 45 kB URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/font/glyphicons-halflings-regular.ttf
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 15 tables, 1st "FFTM", 16 names, Macintosh, type 19 string, www.glyphicons.com\012- data
Hash e18bbf611f2a2e43afc071aa2f4e1512
44bc1850f570972267b169ae18f1cb06b611ffa2
e395044093757d82afcb138957d06a1ea9361bdcf0b442d06a18a8051af57456
Analyzer Verdict Alert fortinet Phishing
GET /IN.gov-secure/uplink/app/assets/font/glyphicons-halflings-regular.ttf HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/css/bootstrap.css
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:07 GMT
Server: Apache
Last-Modified: Mon, 15 Mar 2021 21:42:22 GMT
Accept-Ranges: bytes
Content-Length: 45404
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/ttf
push.services.mozilla.com/
44.240.159.184101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.159.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qykiFpbh44QH7zIjVQ8sAg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: abWFXtgG4J1nsDvhUyBoQZoVDZ4=
ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/favicon2.png
162.241.124.179200 OK 1.4 kB URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/favicon2.png
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 32 x 32\012- data
Hash 10051d80756955a6c0b20f80dd8a665b
cb3c7a027c6c050786031efc81881eeade5e4ea6
f5b4987bcceccf2425af30d697cd648a0bdaf0d74bafac565bf6ca1786678cec
GET /IN.gov-secure/uplink/app/assets/img/favicon2.png HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ahdlgctz3.ml/IN.gov-secure/uplink/app/login.php?MTY2OTY0OTIyODQ4OTBjMGYxODAyODU2NWMyYzE5MDRhZmJlMTI3ODExODczODVmYWQwYmE0YTIxY2I4NTUzNDRjMzVhNWIxN2U4NGE4ZDBjYw==
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:07 GMT
Server: Apache
Last-Modified: Mon, 15 Mar 2021 22:01:26 GMT
Accept-Ranges: bytes
Content-Length: 1371
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/hp-hero-img-bkg-img-1.jpg
162.241.124.179200 OK 108 kB URL HTTP/1.1 ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/img/hp-hero-img-bkg-img-1.jpg
IP 162.241.124.179:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x500, components 3\012- data
Size 108 kB (108539 bytes)
Hash 6497e0a6d35b046e2eab1e195cb7acf3
1cc8915eda0cd6f02eb5c55819df13657dc25b4f
64cef246392cbcf778dc22da2a0b55cacfe3128edf47ceb7630b3dbdfdf70921
GET /IN.gov-secure/uplink/app/assets/img/hp-hero-img-bkg-img-1.jpg HTTP/1.1
Host: ahdlgctz3.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ahdlgctz3.ml/IN.gov-secure/uplink/app/assets/css/dwd_ui_new_logon.css
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 11:21:07 GMT
Server: Apache
Last-Modified: Mon, 15 Mar 2021 21:42:12 GMT
Accept-Ranges: bytes
Content-Length: 108539
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3763
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 11:21:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3763
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 11:21:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3763
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 11:21:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3763
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 11:21:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3763
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 11:21:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbe350ea797a0fec5a19a450fc5de4b4
2f3a39a528d3b759060203931de33c12303592e1
4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 47377
etag: "2f3a39a528d3b759060203931de33c12303592e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 777ce44582c70bf01a31da4cab366f36
57e1d34f146d5ccd9943aa97bcc3158f7103bb07
fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: e4GuUolL0WIMXvnF7BZ80j-dMMSILN2gd-1mqFwNns-zCUBsJa8iHQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:43:04 GMT
age: 49085
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7mRG070F4NZnewfowUhVhMerJaGjJd4G6O1tvTPiKyvTAzq-Y16-jw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:51 GMT
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
age: 48258
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtfl896JX35oFFEVmqyH9Nm62iSY6rqwzkLwZMcM45p_ySF6J2QwEQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:47 GMT
age: 48982
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GydenCzPtpFdVLqN4ssiZ4dKN48WGneS3mwzEdDE81pobtLznfC4VQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:07:59 GMT
age: 47590
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33ee67e62c49fc8d51f18df313002aac
3d8c927b6945d880f92d4e7a686cad5a9985e8ad
ba6e66e07cd93219926927fd2b468a92b8d02cc9bf1da0b3b9a3c48da160bbdc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9670
x-amzn-requestid: d9a529ac-9dc6-4e12-80c5-3250dc97e7bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcFiAoAMF0nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-116ddf09265d51523c3638b3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dTu4TnkeBj5Jm6nU8CA37pptq4F43BUYXcAJPcXro47W1MJriiVrcw==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:35 GMT
etag: "3d8c927b6945d880f92d4e7a686cad5a9985e8ad"
content-type: image/jpeg
age: 48994
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2