paypal-support.com.desenvolvedortheosbank.com.br/login.php?cmd=_account-details&dispatch=69a9f9274a39dcc23168b9257e031db92838c11c&session=6fd1d23cb93b953cb70be99d88c6d939
162.241.60.162200 OK 1.4 kB URL HTTP/1.1 paypal-support.com.desenvolvedortheosbank.com.br/login.php?cmd=_account-details&dispatch=69a9f9274a39dcc23168b9257e031db92838c11c&session=6fd1d23cb93b953cb70be99d88c6d939
IP 162.241.60.162:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 26492b1511315d712195a737726a90db
43988849b3f41e1ace3d03eb5cb5d7e50e2c14e0
5c6ec35d8155ed782b3aa1223aa7669f35b46d9bd7a2079850ffed2570f7c928
Analyzer Verdict Alert openphish PayPal Inc.
quad9 Sinkholed
NIDS Severity Alert suricata medium ET PHISHING Paypal Phishing Landing 2018-05-09
GET /login.php?cmd=_account-details&dispatch=69a9f9274a39dcc23168b9257e031db92838c11c&session=6fd1d23cb93b953cb70be99d88c6d939 HTTP/1.1
Host: paypal-support.com.desenvolvedortheosbank.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:13:58 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1350
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a4074549843769a3da3f055bcb5a78ff
f99062d34cf71bda6a9c64061fb9e61008f94021
895e3801806f031611a25bec5652cc1a46dfa76ea6784f5064d859c1a5b9ddf7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "895E3801806F031611A25BEC5652CC1A46DFA76EA6784F5064D859C1A5B9DDF7"
Last-Modified: Tue, 04 Apr 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16678
Expires: Wed, 05 Apr 2023 03:51:56 GMT
Date: Tue, 04 Apr 2023 23:13:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e50dac5108a698d61ca49516033d1a20
53d243b89fc00deb9bfae07351bbe36ddb7c1df3
e9e0ad98c485b56fe65ea0a8bc4974fff3f804fcf2d8f6266ada9acd27c7b7cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9E0AD98C485B56FE65EA0A8BC4974FFF3F804FCF2D8F6266ADA9ACD27C7B7CC"
Last-Modified: Tue, 04 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11298
Expires: Wed, 05 Apr 2023 02:22:16 GMT
Date: Tue, 04 Apr 2023 23:13:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 903ed2d58f1f33d069b70c4b53f1cb1f
0ef89cd6eb79a2ddd74434f9233cf486fffc1142
d8c984b50f04fcdb1ebc99d982502d85193302c85239ee7497666247edfc0061
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8C984B50F04FCDB1EBC99D982502D85193302C85239EE7497666247EDFC0061"
Last-Modified: Sun, 02 Apr 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20286
Expires: Wed, 05 Apr 2023 04:52:04 GMT
Date: Tue, 04 Apr 2023 23:13:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Length, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 04 Apr 2023 22:28:46 GMT
content-type: application/json
age: 2712
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 95f61d351f5fc9533cc78e255ce9bc06
fba284117f347782ac23c51d141d7e3ec15a867e
7fcc5f9e52e389d8d7c6df7f1f2a1291ae0aaae8e554f3022239ab092b2ef3c3
GET /chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hWCbFEBo+nsul1hvqJfUtukBQTQcdmH5h3NxpH56lX4IfT1TM1aB3M8yt+wyVhoivtJA4bzBAKo=
x-amz-request-id: 62S18JHYFPPG26HJ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Apr 2023 22:53:23 GMT
age: 1235
last-modified: Fri, 31 Mar 2023 17:04:39 GMT
etag: "95f61d351f5fc9533cc78e255ce9bc06"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 23:13:58 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
paypal-support.com.desenvolvedortheosbank.com.br/css/L-Z118.css
162.241.60.162200 OK 7.5 kB URL HTTP/1.1 paypal-support.com.desenvolvedortheosbank.com.br/css/L-Z118.css
IP 162.241.60.162:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash a1e35268517d3a7a0ca293db85fa52c2
dad48a3c7f7f43a090728aeab818995fa07f0aa2
d08917fee397be0a748569bb8f64c4784c68e0eb0aef519e55b4873bd11f4d8e
Analyzer Verdict Alert openphish PayPal Inc.
quad9 Sinkholed
NIDS Severity Alert suricata medium ETPRO PHISHING Anonisma Phishing CSS M1 Oct 12 2017
suricata medium ETPRO PHISHING Anonisma Phishing CSS M4 Oct 12 2017
GET /css/L-Z118.css HTTP/1.1
Host: paypal-support.com.desenvolvedortheosbank.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paypal-support.com.desenvolvedortheosbank.com.br/login.php?cmd=_account-details&dispatch=69a9f9274a39dcc23168b9257e031db92838c11c&session=6fd1d23cb93b953cb70be99d88c6d939
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:13:58 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Mar 2023 22:20:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7458
Keep-Alive: timeout=5, max=75
Content-Type: text/css
paypal-support.com.desenvolvedortheosbank.com.br/css/jquery.js
162.241.60.162200 OK 38 kB URL HTTP/1.1 paypal-support.com.desenvolvedortheosbank.com.br/css/jquery.js
IP 162.241.60.162:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32034), with CRLF line terminators
Hash dfed9abb76e742dc4c3fb184dae0b7d8
74d9d9d7b2ca50b457ef8d5fa2ae5ce0d7a611d0
11a0d10087d74fcd2ce0eaef16f5e79155cb9e83b66b5effc33f53c0af7f7c7a
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
quad9 Sinkholed
GET /css/jquery.js HTTP/1.1
Host: paypal-support.com.desenvolvedortheosbank.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paypal-support.com.desenvolvedortheosbank.com.br/login.php?cmd=_account-details&dispatch=69a9f9274a39dcc23168b9257e031db92838c11c&session=6fd1d23cb93b953cb70be99d88c6d939
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:13:58 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 22:20:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
paypal-support.com.desenvolvedortheosbank.com.br/css/login.js
162.241.60.162200 OK 357 B URL HTTP/1.1 paypal-support.com.desenvolvedortheosbank.com.br/css/login.js
IP 162.241.60.162:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash a0e29b5616345aca71d1f20e174dac5e
c4faed150c342eba53557093736f4f09b0ebb01e
b8964647d45d5c6353c1924f516aed5b4c8b82a22b70792fec89f5b787d6db05
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
quad9 Sinkholed
GET /css/login.js HTTP/1.1
Host: paypal-support.com.desenvolvedortheosbank.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paypal-support.com.desenvolvedortheosbank.com.br/login.php?cmd=_account-details&dispatch=69a9f9274a39dcc23168b9257e031db92838c11c&session=6fd1d23cb93b953cb70be99d88c6d939
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:13:58 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Mar 2023 22:20:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 357
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 27326a64990c6f698a83600491674790
a6bdb4743ace6be80673f6899605bf9177a75b69
e4a8d3c3016130e47580098183bcea5ae369697b7907eafd65ac3450dc2eb265
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4A8D3C3016130E47580098183BCEA5AE369697B7907EAFD65AC3450DC2EB265"
Last-Modified: Mon, 03 Apr 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4839
Expires: Wed, 05 Apr 2023 00:34:38 GMT
Date: Tue, 04 Apr 2023 23:13:59 GMT
Connection: keep-alive
www.paypalobjects.com/images/shared/paypal-logo-129x32.svg
192.229.221.25200 OK 1.9 kB URL HTTP/2 www.paypalobjects.com/images/shared/paypal-logo-129x32.svg
IP 192.229.221.25:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 796be015d691467b94dc2617ed1b009a
cfb268c516c0d6b3d05bdac25a3557eeab59c499
c442af9b78ab4ee99c8a248a98f4ee1cdac6bd841f5daa6950ce9677aac2a506
GET /images/shared/paypal-logo-129x32.svg HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://paypal-support.com.desenvolvedortheosbank.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/svg+xml
date: Tue, 04 Apr 2023 23:13:59 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"544ad849-1351"
expires: Wed, 05 Apr 2023 00:13:59 GMT
last-modified: Fri, 24 Oct 2014 22:52:57 GMT
paypal-debug-id: f983444936ec
server: ECAcc (ska/F796)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000000f983444936ec-b72d6c356e6aee01-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 1932
X-Firefox-Spdy: h2
paypal-support.com.desenvolvedortheosbank.com.br/img/favicon.ico
162.241.60.162200 OK 5.4 kB URL HTTP/1.1 paypal-support.com.desenvolvedortheosbank.com.br/img/favicon.ico
IP 162.241.60.162:0
ASN #46606 UNIFIEDLAYER-AS-1
File type MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel\012- data
Hash e1528b5176081f0ed963ec8397bc8fd3
ff60afd001e924511e9b6f12c57b6bf26821fc1e
1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667
Analyzer Verdict Alert openphish PayPal Inc.
quad9 Sinkholed
GET /img/favicon.ico HTTP/1.1
Host: paypal-support.com.desenvolvedortheosbank.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paypal-support.com.desenvolvedortheosbank.com.br/login.php?cmd=_account-details&dispatch=69a9f9274a39dcc23168b9257e031db92838c11c&session=6fd1d23cb93b953cb70be99d88c6d939
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:13:59 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 22:20:15 GMT
Accept-Ranges: bytes
Content-Length: 5430
Cache-Control: max-age=604800
Expires: Tue, 11 Apr 2023 23:13:59 GMT
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/x-icon
push.services.mozilla.com/
34.117.65.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GWj3+Kz6oGDeJnx/YIcYkA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: V3SyL1kmhh38kIWJ+Om/7rJ+PMk=
Date: Tue, 04 Apr 2023 23:13:59 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Expires, Cache-Control, Content-Length, Retry-After, Last-Modified, Pragma, ETag, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 04 Apr 2023 22:17:29 GMT
age: 3390
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 869fe4a8dc549ffa1023d3adc184e4f2
37b95d88dd3f6f251bb651b130e09b202850033f
9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7247
Expires: Wed, 05 Apr 2023 01:14:48 GMT
Date: Tue, 04 Apr 2023 23:14:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 869fe4a8dc549ffa1023d3adc184e4f2
37b95d88dd3f6f251bb651b130e09b202850033f
9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7247
Expires: Wed, 05 Apr 2023 01:14:48 GMT
Date: Tue, 04 Apr 2023 23:14:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd83b1ff-cffc-4bc4-bd3c-bc6bee996f8d.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd83b1ff-cffc-4bc4-bd3c-bc6bee996f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d37a005990b494f2fbb22b15e95355aa
6dd60d490f5ee8b5f9c8aaeeca5a7a9b7b6a3a4a
89fb008ff33bc826389dab4b4ae6e54f24800102e5ab4993d541ac1a9d2f91b8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd83b1ff-cffc-4bc4-bd3c-bc6bee996f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8166
x-amzn-requestid: c20672fe-1108-40c6-af1f-8c63f2524380
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cr60YHdWIAMFVSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6427d81b-7b7c250f5c9862e42bb65d0d;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Sat, 01 Apr 2023 07:07:07 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: EQ_IkbL70ACEqpp_sRChxfh_-LBixVnqDh0zLyhSXNXmf5WyMHYO7Q==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 15:04:20 GMT
age: 29381
etag: "6dd60d490f5ee8b5f9c8aaeeca5a7a9b7b6a3a4a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bfd0521-1109-419c-8b3c-62fa0adf6af2.png
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bfd0521-1109-419c-8b3c-62fa0adf6af2.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d3beb6b22ff0d6eb1aad285540865e9
56d6b25f47f0871ed51b3c7f5d93ba6a9142474c
05524480fe20b8fc8901b4e401d9352eba230fc91b8893aaba8b8defdcffdd2d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bfd0521-1109-419c-8b3c-62fa0adf6af2.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4149
x-amzn-requestid: b051a876-051c-468c-9ba3-7f7e097fcc0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C3yqsGwboAMFx1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642c97dd-018790177515b48a7584d858;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Tue, 04 Apr 2023 21:34:21 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: N-h42ktDgUdT631SHGKil75LXB666pd7i_ro2wDIIHBXQVQNJcsipA==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 21:39:50 GMT
age: 5651
etag: "56d6b25f47f0871ed51b3c7f5d93ba6a9142474c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e436c7d-e108-4689-b94e-5ff6e0dfdf0a.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e436c7d-e108-4689-b94e-5ff6e0dfdf0a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd12555800d3b88954dfea270dc2e42e
1ef8b33524eacd8ea134937f55b2b4c704215992
0da83c486b906ca380982c4006e5b6d9235863056fb43945d74b55453ba07e8b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e436c7d-e108-4689-b94e-5ff6e0dfdf0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9667
x-amzn-requestid: 688e8919-43f5-461e-8fe2-c37f9d9d4771
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CoomuG7gIAMFWMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642687c4-4f0b41fe5abeb8af44317551;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 07:12:04 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Eg7iFXrRmw7NlzCTZaSqetbmBptwCFtp7h2ZIWf_on4gPlXUQp_2fA==
via: 1.1 53ee82a7eb57de316cba44c26680b4a6.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 18:34:53 GMT
age: 16748
etag: "1ef8b33524eacd8ea134937f55b2b4c704215992"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F013a5f10-c83e-4b37-9cf2-98dd8c6317c7.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F013a5f10-c83e-4b37-9cf2-98dd8c6317c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89523b8cda53b2230c5a6e0cfcd79402
8c3455bfc9934d5b99409d66584aa754afa56d5c
3e7da761fb47567dc9982b66915a28cee5a3dbff90c00fe896ff5bf9e9053e88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F013a5f10-c83e-4b37-9cf2-98dd8c6317c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: b09e3361-314a-42a3-bf87-7eeac8c12679
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C3yqqGv8oAMFh3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642c97dd-73e54dea627436a511a7262c;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Tue, 04 Apr 2023 21:34:21 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: gU-d-HFY4Lwhj8lo8N5DPSy_bZyRhT3YJCM6488fg3UEY0liYMfLeQ==
via: 1.1 f3802d173009698413044360f84de06c.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 21:39:50 GMT
age: 5651
etag: "8c3455bfc9934d5b99409d66584aa754afa56d5c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77527c77-7214-4edc-ac50-c610366aefd6.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77527c77-7214-4edc-ac50-c610366aefd6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c14dd9bfa7f1f37c711973900dbb5af
c8dea8f9cafcf7d108c93156f40537e78f7da88f
b99050909eb528f9c22201ed2f0f185edbb1f0b1e16631ef21dca72433e1e05d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77527c77-7214-4edc-ac50-c610366aefd6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3500
x-amzn-requestid: 5626e00a-90a4-42c5-bcbd-1ec24decfa47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C3yqqG0_oAMFTcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642c97dd-16eb602d2ac30b2521cc8165;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Tue, 04 Apr 2023 21:34:21 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: z3N_E-I5Av2Q7QhEUu5UNeFCxrzUIzu6eWwKQRu03HFutBSwr-xUYQ==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 21:39:50 GMT
age: 5651
etag: "c8dea8f9cafcf7d108c93156f40537e78f7da88f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59d6989a-36a1-4ed7-9694-00dfbfc9b386.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59d6989a-36a1-4ed7-9694-00dfbfc9b386.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d504943bc15b039b6813b2d1a8a8783
865a647f277bf9234adce200cb6c3e0735f2c9e7
5906ddbaf547fcc998dc1121a1e345b34f575ffe867e32453121354f91df7d53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59d6989a-36a1-4ed7-9694-00dfbfc9b386.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4774
x-amzn-requestid: fa477761-b787-44f1-916d-c3c645324c85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CvNnlG0ioAMF2Ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64292963-687098861c456f89593e2ff7;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Sun, 02 Apr 2023 07:06:11 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: v7SlWpId5gDQNec9lHlCcirQOQS0gyyVbhimXiirEbHVwCXQk83oyA==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 13:25:41 GMT
etag: "865a647f277bf9234adce200cb6c3e0735f2c9e7"
content-type: image/jpeg
age: 35300
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2