| firefox.settings.services.mozilla.com/v1/ | 143.204.55.36 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.36:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash99b7d23c1748d0526782b9ff9ea45f09 eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 20:10:33 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ls8h4_ZwNMmDipuGG8S3p_Oq4ZMQvh_WLExjvIq6pX4vHZcLczlIZw==
Age: 1013
|
|
| r3.o.lencr.org/ | 23.36.76.225 | 200 OK | 503 B |
IP23.36.76.225:0 ASN#20940 Akamai International B.V.
Hashbe88d3e043e3b95b52e41812e50fb634 0318ba1ce487817ea7cba61dd9413bed29213800 b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5496
Expires: Thu, 15 Sep 2022 21:59:02 GMT
Date: Thu, 15 Sep 2022 20:27:26 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.25 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP143.204.55.25:0
File typePEM certificate\012- , ASCII text Hash742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Y5yOKsDbLWMqmcsMl4nQo7eCR1wHyl5LZzNEEizMAMF-PSq5vnbXbw==
age: 57131
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 20:27:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hash4d2343a114acb6187364af7feb15af19 f33c8049aaad900566610bf6fbeed34a87bd317c 8321c79ab2c28c1cb9b2ca0753da26310e2990e3f6855849b760d7b021e2f27d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 20:27:26 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nClo2WhjUWdedWU1lmO5iGKBUqRVzMiwHsmYvI9GX_hQt3rhyU-clg==
|
|
| code.jquery.com/jquery-3.1.1.min.js | 69.16.175.10 | 200 OK | 30 kB |
URL HTTP/2code.jquery.com/jquery-3.1.1.min.js IP69.16.175.10:0
File typeASCII text, with very long lines (32030) Hashf7a4a283c6a5130b43ce8de3b7842078 ef243edbb67f9e50f8589885e4541f6c919ea8d7 aee9e5b2534ced87fe1e02a1a9e661468ba548e02edacbe9b68b3b247607dc4e
GET /jquery-3.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 20:27:26 GMT
content-encoding: gzip
content-length: 30070
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663273646.dop018.sk1.t,1663273646.cds255.sk1.hn,1663273646.cds010.sk1.c
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.2.1.slim.min.js | 69.16.175.10 | 200 OK | 24 kB |
URL HTTP/2code.jquery.com/jquery-3.2.1.slim.min.js IP69.16.175.10:0
File typeASCII text, with very long lines (32012) Hash30f5157a965bc792a83e9bacfe265f03 8330886371fe27f3cbac509e0ac9712207574c66 4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0
GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pdf.d2p52jrzwyy83.amplifyapp.com
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 20:27:26 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663273646.dop230.sk1.t,1663273646.cds255.sk1.hn,1663273646.cds235.sk1.c
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js | 104.17.24.14 | 200 OK | 6.2 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP104.17.24.14:0
File typeASCII text, with very long lines (19015) Hash7b4114faa411d059a9a5ac4b5b4d9dee 277da4486916fa3a4ab3375f47bc98f58dbf90f6 60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9
GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pdf.d2p52jrzwyy83.amplifyapp.com
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 20:27:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1218071
expires: Tue, 05 Sep 2023 20:27:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7v95%2BSS07R%2B0FXSDuWr2Gwg3cuTa745XOpxICyCuB%2BVr6%2BhWlclfOyAMzJYo5WMkqjJsJ2W4wURo9docQVhNNH6q8I8v%2FjRtnPL8ZF7lKKzbTnpbHJdCitWFA4D27ByYqCFATRKJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b41a64ff8db50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash7975b33417f675d21a178b997288d616 1d2e957c46d45d6cb2f44389f3dcc66c880b6065 daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 20:27:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| code.jquery.com/jquery-3.3.1.js | 69.16.175.10 | 200 OK | 80 kB |
URL HTTP/2code.jquery.com/jquery-3.3.1.js IP69.16.175.10:0
Hash9fd458b477c45f28862c10eeee99263f bcfceda34c540b9957758de619b288362188bb0b ef82ed7916ef7c6cb059d150c8b1e102c57e0e174ea6a1dfbcd0c286c465ba0f
GET /jquery-3.3.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pdf.d2p52jrzwyy83.amplifyapp.com
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 20:27:26 GMT
content-encoding: gzip
content-length: 80268
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-42587"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663273646.dop230.sk1.t,1663273646.cds255.sk1.hn,1663273646.cds214.sk1.c
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash2e8e3b8dcfc70035468cee19fa0ce164 8abd549de54a56c4d8866642803817e1d411ad88 9f8702221570464be855f0cf42d77a90b745fbf6c60d5d437218d45f9603fd19
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 20:27:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| pdf.d2p52jrzwyy83.amplifyapp.com/images/outlook1.png | 143.204.55.7 | 200 OK | 771 B |
URL HTTP/2pdf.d2p52jrzwyy83.amplifyapp.com/images/outlook1.png IP143.204.55.7:0
File typePNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data Hashc3fc46c5799c76f9107504028f39190f 519096ad3f03410cf9ce3c9b9fcca6b439d97b23 57898461712a639d119bdf88b7145919dcc8956c7a271d2e4a1084b29eae6785
Analyzer | Verdict | Alert | openphish | Office365 | |
GET /images/outlook1.png HTTP/1.1
Host: pdf.d2p52jrzwyy83.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 771
date: Thu, 15 Sep 2022 20:27:27 GMT
last-modified: Thu, 15 Sep 2022 04:02:16 GMT
etag: "c3fc46c5799c76f9107504028f39190f"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aTMG1TCzb__D2L__sSwcnFgF_1UQ_lwOCyfAB-nsyAVI60JfpQAYwA==
X-Firefox-Spdy: h2
|
|
| pdf.d2p52jrzwyy83.amplifyapp.com/images/logo.svg | 143.204.55.7 | 200 OK | 647 B |
URL HTTP/2pdf.d2p52jrzwyy83.amplifyapp.com/images/logo.svg IP143.204.55.7:0
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (647), with no line terminators Hashfdc1c98a8e23cae6eb142e2e17f4916b 811fc44bfa4354566e73f74f3f6371ef42ef8b98 2c6e8ef34ab0a8ea39ddb3292ffecd00fee0c10262aa0a6ec6495823801ca3b0
Analyzer | Verdict | Alert | openphish | Office365 | | fortinet | Phishing | |
GET /images/logo.svg HTTP/1.1
Host: pdf.d2p52jrzwyy83.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 647
date: Thu, 15 Sep 2022 20:27:27 GMT
last-modified: Thu, 15 Sep 2022 04:02:17 GMT
etag: "fdc1c98a8e23cae6eb142e2e17f4916b"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RA0e-m6oNZdfToOatsNFMclMa0eJpay5Nwqo2TmT1x88v-hZl0ZaCQ==
X-Firefox-Spdy: h2
|
|
| pdf.d2p52jrzwyy83.amplifyapp.com/images/aol1.png | 143.204.55.7 | 200 OK | 26 kB |
URL HTTP/2pdf.d2p52jrzwyy83.amplifyapp.com/images/aol1.png IP143.204.55.7:0
File typePNG image data, 253 x 218, 8-bit/color RGBA, non-interlaced\012- data Hashec9cbc1048239b3927ad0276fc983019 17c27c038644bdb141381b606c7c94a177c07326 f8a8cf4f1928938c796e2f35f8c21b0d510d4e3f16e016ee83d1f206f8ebde14
Analyzer | Verdict | Alert | openphish | Office365 | |
GET /images/aol1.png HTTP/1.1
Host: pdf.d2p52jrzwyy83.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 26456
date: Thu, 15 Sep 2022 20:27:27 GMT
last-modified: Thu, 15 Sep 2022 04:02:16 GMT
etag: "ec9cbc1048239b3927ad0276fc983019"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GkNt6A3bcoWfXLZLu5mRVpm-Cul85x0NjV6Yl_LdoHCLF9BsW7J55w==
X-Firefox-Spdy: h2
|
|
| pdf.d2p52jrzwyy83.amplifyapp.com/images/yahoo1.png | 143.204.55.7 | 200 OK | 18 kB |
URL HTTP/2pdf.d2p52jrzwyy83.amplifyapp.com/images/yahoo1.png IP143.204.55.7:0
File typePNG image data, 151 x 151, 8-bit/color RGBA, non-interlaced\012- data Hash4458cd0a6df7deabdff0b99bd5905ec9 45a8b436d07d7ed7973b87a1c393d6973afe6fb5 aad24ed5f36320964c515b9889cb2943bbf830b40703999ad3976fce8176e554
Analyzer | Verdict | Alert | openphish | Office365 | |
GET /images/yahoo1.png HTTP/1.1
Host: pdf.d2p52jrzwyy83.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 17931
date: Thu, 15 Sep 2022 20:27:27 GMT
last-modified: Thu, 15 Sep 2022 04:02:17 GMT
etag: "4458cd0a6df7deabdff0b99bd5905ec9"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: D74U7Jw88dDmX7G6xe-YFZdIjRM-bwZipDTo2EM96lunfxSHxUNYvQ==
X-Firefox-Spdy: h2
|
|
| pdf.d2p52jrzwyy83.amplifyapp.com/images/other1.png | 143.204.55.7 | 200 OK | 22 kB |
URL HTTP/2pdf.d2p52jrzwyy83.amplifyapp.com/images/other1.png IP143.204.55.7:0
File typePNG image data, 190 x 187, 8-bit/color RGBA, non-interlaced\012- data Hash6843a244e12fab158aa189680b5e7049 0e1c691f87cc4fa35c88344974f2829c40176b70 3a9b144d6482b78afc4e0a940a1d3c22240f14fa535b808cf4dab9635339569f
Analyzer | Verdict | Alert | openphish | Office365 | |
GET /images/other1.png HTTP/1.1
Host: pdf.d2p52jrzwyy83.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 21882
date: Thu, 15 Sep 2022 20:27:27 GMT
last-modified: Thu, 15 Sep 2022 04:02:17 GMT
etag: "6843a244e12fab158aa189680b5e7049"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Mk0jgEGBAJBdrf8jtM45nEmRun65Vq9Sw-RnI8isJ7QEws55gRFCiw==
X-Firefox-Spdy: h2
|
|
| pdf.d2p52jrzwyy83.amplifyapp.com/images/gmail1.png | 143.204.55.7 | 200 OK | 684 B |
URL HTTP/2pdf.d2p52jrzwyy83.amplifyapp.com/images/gmail1.png IP143.204.55.7:0
File typePNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data Hash9cfa8c18fd226f29d38a8272c04c5f23 811e2d3c8806d07f6927a891856c051894c5a339 13414930adeb5db9b7a8e396be2aeadf2be6eb7aa9a768876bae79cbddf01ab5
Analyzer | Verdict | Alert | openphish | Office365 | |
GET /images/gmail1.png HTTP/1.1
Host: pdf.d2p52jrzwyy83.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 684
date: Thu, 15 Sep 2022 20:27:27 GMT
last-modified: Thu, 15 Sep 2022 04:02:16 GMT
etag: "9cfa8c18fd226f29d38a8272c04c5f23"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Y3mPPE_OPxrrGH2bBARMK0092MZ_TdVecsdcUbXAYm2ChuWBKVgkfg==
X-Firefox-Spdy: h2
|
|
| pdf.d2p52jrzwyy83.amplifyapp.com/images/gmail.png | 143.204.55.7 | 200 OK | 67 kB |
URL HTTP/2pdf.d2p52jrzwyy83.amplifyapp.com/images/gmail.png IP143.204.55.7:0
File typePNG image data, 1280 x 1280, 8-bit/color RGBA, non-interlaced\012- data Hashdce2f2b0e50cb1dbb0246d152791cb46 d0a69c159304edc08db005163e7a0daf5a1e98a6 acf087c1757f08b0cfd53d59066544d7ef0bfcc50999e77c5813739cd9dc1479
Analyzer | Verdict | Alert | openphish | Office365 | |
GET /images/gmail.png HTTP/1.1
Host: pdf.d2p52jrzwyy83.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 66743
date: Thu, 15 Sep 2022 20:27:27 GMT
last-modified: Thu, 15 Sep 2022 04:02:17 GMT
etag: "dce2f2b0e50cb1dbb0246d152791cb46"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 87rGE2WFX74pddEc8Jxi5sWrZ5EWSrFhxIhnZOjkMI_aYCb5p2F0uw==
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js | 104.18.11.207 | 200 OK | 15 kB |
URL HTTP/2stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP104.18.11.207:0
File typeASCII text, with very long lines (50758) Hashedcd312cd2b886774ad45a74910afbf8 48c746745a5f58f745135cc32d43a0df383b8650 6c31099a4519f7a008c1ba79340aabfbca11f1566926cd6fc3a50db2b387725d
GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 20:27:26 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 6317494
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74b41a64eb50b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js | 216.58.211.10 | 200 OK | 30 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP216.58.211.10:0
File typeASCII text, with very long lines (32065) Hash6d973c8b7e2439d958e09c0a1ab9fe50 05ae0830200c20b9a2dfd5a825adc400481a60fb f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 21:06:53 GMT
expires: Thu, 14 Sep 2023 21:06:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 84033
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash7975b33417f675d21a178b997288d616 1d2e957c46d45d6cb2f44389f3dcc66c880b6065 daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 20:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| pdf.d2p52jrzwyy83.amplifyapp.com/ | 143.204.55.7 | 200 OK | 5.7 kB |
URL HTTP/2pdf.d2p52jrzwyy83.amplifyapp.com/ IP143.204.55.7:0
Hash2ef5b50f0211d51b0f54c40b61fb40f3 cfbd82a1b5c98ad25bf21c6b687abf968fe2165b 711de7b1f7c109432a2254c88f08b06be490b1a0217ebb5e89c10d4eecbc0475
Analyzer | Verdict | Alert | openphish | Office365 | | fortinet | Phishing | |
GET / HTTP/1.1
Host: pdf.d2p52jrzwyy83.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
date: Thu, 15 Sep 2022 20:27:27 GMT
last-modified: Thu, 15 Sep 2022 04:02:16 GMT
etag: W/"3221f483b3d4fd83b5ed5a49b78a3a22"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sCT6uXLk4_XpqnpiCHIUrOy1JSZqx0IqhAI5XDiN7eDictbjUoudOg==
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash2e8e3b8dcfc70035468cee19fa0ce164 8abd549de54a56c4d8866642803817e1d411ad88 9f8702221570464be855f0cf42d77a90b745fbf6c60d5d437218d45f9603fd19
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 20:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| push.services.mozilla.com/ | 54.187.146.10 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.187.146.10:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D3+b4Epb+vCHsbxRQcm5WQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TEZUqkMMUPKHmK9hXfk7dggL+dc=
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash7df27d4646e6e1cd358f0997ad604ea9 bf0c3feb55312e00ed8aa718458cc1e932903ac2 ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 20:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/archivonarrow/v24/tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6o3ms.woff2 | 142.250.74.163 | 200 OK | 10 kB |
URL HTTP/2fonts.gstatic.com/s/archivonarrow/v24/tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6o3ms.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 10116, version 1.0\012- data Hashb5dbdda8786a7217df0b90912e2f6991 94bf8611be20feb3c9241806e87511bd73758a2b 0fe6376419d1b2b5b3114da291dbbb4bdf1165bc7a17dcc7b5322befc738e26a
GET /s/archivonarrow/v24/tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6o3ms.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pdf.d2p52jrzwyy83.amplifyapp.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Sep 2022 09:33:32 GMT
expires: Mon, 11 Sep 2023 09:33:32 GMT
cache-control: public, max-age=31536000
age: 384835
last-modified: Fri, 24 Jun 2022 19:03:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash6e669093dc2c285ce41d74ad82e5c3d2 1e65ded94e2b8c575979da362ce8dc2e304c5d5f 5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 20:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| pdf.d2p52jrzwyy83.amplifyapp.com/images/back.jpg | 143.204.55.7 | 200 OK | 163 kB |
URL HTTP/2pdf.d2p52jrzwyy83.amplifyapp.com/images/back.jpg IP143.204.55.7:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2020:05:06 23:11:15], progressive, precision 8, 1740x813, components 3\012- data Size163 kB (163271 bytes) Hash4ff10a08dfa0bcee3781fc4e1a74fc02 26a8ed41571c6497f5c8c63f79cb5ee4c264a6d1 22774ac0a13d9f56dd58e14efa2afc70c098c21e3bdeabb5dc1d3cff81c2e5f2
Analyzer | Verdict | Alert | openphish | Office365 | |
GET /images/back.jpg HTTP/1.1
Host: pdf.d2p52jrzwyy83.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 163271
date: Thu, 15 Sep 2022 20:27:28 GMT
last-modified: Thu, 15 Sep 2022 04:02:17 GMT
etag: "4ff10a08dfa0bcee3781fc4e1a74fc02"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JHiuh5KPm6Me1naeDumTnMR6uKZJS0ol8bDYTAboHMhwKypC9Y-4Dg==
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221663273400165%22 | 143.204.55.36 | 200 OK | 4.7 kB |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221663273400165%22 IP143.204.55.36:0
File typeJSON data\012- , ASCII text, with very long lines (22383), with no line terminators Hash037b94a848758f44dd9998d3ca343083 2fec8bd545861c5bfd587c82abe5a895c6f69de9 3be27e35185df482fee3bd5b9f008b4c4840f52946684a8fe6505f368cac6733
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221663273400165%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 20:27:24 GMT
Expires: Thu, 15 Sep 2022 21:27:23 GMT
Last-Modified: Thu, 15 Sep 2022 20:23:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: T6SKd-_y9J5fEsUAFQQ2NOA65hodlKYtGBRPQZFpBEXRtyjLViSgAw==
Age: 3
|
|
| r3.o.lencr.org/ | 23.36.76.225 | 200 OK | 503 B |
IP23.36.76.225:0 ASN#20940 Akamai International B.V.
Hashb9bfbb189fcbbdc76ff274e424f39053 de008d728f2274f08019c97bc969ddd6fe64a65d a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5951
Expires: Thu, 15 Sep 2022 22:06:39 GMT
Date: Thu, 15 Sep 2022 20:27:28 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.225 | 200 OK | 503 B |
IP23.36.76.225:0 ASN#20940 Akamai International B.V.
Hashb9bfbb189fcbbdc76ff274e424f39053 de008d728f2274f08019c97bc969ddd6fe64a65d a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5951
Expires: Thu, 15 Sep 2022 22:06:39 GMT
Date: Thu, 15 Sep 2022 20:27:28 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.225 | 200 OK | 503 B |
IP23.36.76.225:0 ASN#20940 Akamai International B.V.
Hashb9bfbb189fcbbdc76ff274e424f39053 de008d728f2274f08019c97bc969ddd6fe64a65d a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5951
Expires: Thu, 15 Sep 2022 22:06:39 GMT
Date: Thu, 15 Sep 2022 20:27:28 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.225 | 200 OK | 503 B |
IP23.36.76.225:0 ASN#20940 Akamai International B.V.
Hashb9bfbb189fcbbdc76ff274e424f39053 de008d728f2274f08019c97bc969ddd6fe64a65d a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5951
Expires: Thu, 15 Sep 2022 22:06:39 GMT
Date: Thu, 15 Sep 2022 20:27:28 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg | 34.120.237.76 | 200 OK | 9.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4833535b1650b0ac875704023b650e66 96ab8cd8e14350f730d26731f3445710324e24e2 d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9ybN4lIqGCbpld1PvmjrIpnYNgHGTSgg6Qc0o8xg-ttlTvX1uNa9dQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 20:21:39 GMT
age: 349
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3ef9865421a37eae9a4df04083d27485 c7cf1f6a259cece60a34261ec83ee00736e1d72b 723b65ba660f22281f85d6caceea23e9cd932ee9084dc905a08a585746c4c4cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9922
x-amzn-requestid: de1e3e45-74ff-41b2-986f-e78473cb6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVc1SGM7IAMFw0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631edb54-2099524d6f2c338b41eea101;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 07:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MtgQUzYMa3mT0lxPhQ5ZCp9XVVyBH8T0dlx_0wSLMZlaFEiCikTXMw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:25:51 GMT
age: 79297
etag: "c7cf1f6a259cece60a34261ec83ee00736e1d72b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg | 34.120.237.76 | 200 OK | 6.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf2157f7cfbdeb607f28ae51eb090f2c3 33d0dcadaa42179b2eae914c8ad16c9c088afbc9 135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VZ88wGjWdv9DOhonVamk_UnGmavT535eEa4o2sfgskmE0x3QX5iBIg==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 20:21:13 GMT
age: 375
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg | 34.120.237.76 | 200 OK | 9.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1633672fad0b564108cf81ad711dc881 d37ad0f40bc1f3f0022467dd0af2478980bd858a cc7176a297f6009f07074fb9af796132b4452833be675bf378cc950fe81a582a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9071
x-amzn-requestid: b450f7cf-6cc7-4d1f-aef3-4496f0971727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIxuEq6oAMF9jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254d7-6912ef8731d81fa43b805e5b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:25:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6LDUuDX1W8-Q88pDJma0xCAd5QuJ0YV-VpJ_8LVyDHX9YN1k0fQZ8Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:36:39 GMT
etag: "d37ad0f40bc1f3f0022467dd0af2478980bd858a"
content-type: image/jpeg
age: 78649
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg | 34.120.237.76 | 200 OK | 6.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2e5f57ba37fac4e6047a9a321a8ec084 f6b742549ea35a4b1345cffb937a8bbcceee08ef f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6770
x-amzn-requestid: b7c9513c-b8ba-41c7-9f9a-0a9d2266172d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEVRIAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7a4408363cdc46c9355a9f47;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fqj5PljprRruE1jwYAVwKoHkjys-RakUjzuV67_Ued6T4et99JPxPg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:45:05 GMT
age: 81743
etag: "f6b742549ea35a4b1345cffb937a8bbcceee08ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg | 34.120.237.76 | 200 OK | 6.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf5befd5bb8e6d5dad2465be69d5a33e4 e5b46c3ca439a09950290cada1af5e27cede10f2 4dc0a3373fb4c1830c4e2420dddbcbe8dceecf10e969cbe8d02368e41207832c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5988
x-amzn-requestid: a0d81c7a-14e3-443d-8fb7-19241f06d3c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yaux0H77IAMF2_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f80b-0fe6fbbe75e891b925f88dc2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VWjXuugfeW6xGoTvb_q4GZWERm_iM0l_RjdyyPxEt2ssOPiU8_yAoQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 20:21:04 GMT
age: 384
etag: "e5b46c3ca439a09950290cada1af5e27cede10f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js | 104.18.10.207 | 200 OK | 0 B |
URL HTTP/2maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP104.18.10.207:0
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pdf.d2p52jrzwyy83.amplifyapp.com
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 20:27:26 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/20/2022 02:32:25
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 7a05dcff37ba75078d884d26917e250b
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74b41a64dae4b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Archivo+Narrow&display=swap | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Archivo+Narrow&display=swap IP142.250.74.10:0
GET /css?family=Archivo+Narrow&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Sep 2022 20:27:26 GMT
date: Thu, 15 Sep 2022 20:27:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| pdf.d2p52jrzwyy83.amplifyapp.com/css/hover.css | 143.204.55.7 | 403 Forbidden | 0 B |
URL HTTP/2pdf.d2p52jrzwyy83.amplifyapp.com/css/hover.css IP143.204.55.7:0
Analyzer | Verdict | Alert | openphish | Office365 | |
GET /css/hover.css HTTP/1.1
Host: pdf.d2p52jrzwyy83.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Thu, 15 Sep 2022 20:27:26 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0D3mxTgOfnhljzFUiPb_Wg1iQKj34dO_fdIzIRUwOQmuhLn1nBj6mA==
X-Firefox-Spdy: h2
|
|
| pdf.d2p52jrzwyy83.amplifyapp.com/images/onedrive-white.png | 143.204.55.7 | 403 Forbidden | 0 B |
URL HTTP/2pdf.d2p52jrzwyy83.amplifyapp.com/images/onedrive-white.png IP143.204.55.7:0
Analyzer | Verdict | Alert | openphish | Office365 | |
GET /images/onedrive-white.png HTTP/1.1
Host: pdf.d2p52jrzwyy83.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Thu, 15 Sep 2022 20:27:26 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: COhwzX6IBYzPRb8xfIBz2Tp3u9WLcrHRYR_Oa-oY77NVzFxea4YQ4A==
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css | 104.18.10.207 | 200 OK | 0 B |
URL HTTP/2maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css IP104.18.10.207:0
GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pdf.d2p52jrzwyy83.amplifyapp.com
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 20:27:26 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/20/2022 02:36:43
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 758c0a56b5c5bd9e46a945900118d383
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74b41a64aaabb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pdf.d2p52jrzwyy83.amplifyapp.com/css/hover.css | 143.204.55.7 | 403 Forbidden | 0 B |
URL HTTP/2pdf.d2p52jrzwyy83.amplifyapp.com/css/hover.css IP143.204.55.7:0
Analyzer | Verdict | Alert | openphish | Office365 | |
GET /css/hover.css HTTP/1.1
Host: pdf.d2p52jrzwyy83.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Thu, 15 Sep 2022 20:27:26 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cE-6lq1tap6CEiO0iAt22vOhhDTwAnlaGaYoLsYEz8fwDewbuK0Yzw==
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.7.0/css/all.css | 172.64.132.15 | 200 OK | 0 B |
URL HTTP/2use.fontawesome.com/releases/v5.7.0/css/all.css IP172.64.132.15:0
GET /releases/v5.7.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pdf.d2p52jrzwyy83.amplifyapp.com
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 20:27:26 GMT
content-type: text/css
x-amz-id-2: CKpSHaVuPBcJYm35N9W8BlM/MV4xjiun1k14pxTu3UNSwTSBRfVmWi9zGEJVCN8V7OxmeLdjs5c=
x-amz-request-id: Y89Q8ZN183WHBP2Y
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:15 GMT
etag: W/"251d28bd755f5269a4531df8a81d5664"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 52485
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHZHImGqXvnBFsC6MoM4ECM1ZWy0Id%2BJWBewQ2YP9rGN1i7gjKxJORd0S7bFr5UxZwUbWJzWZsehHH%2FGBjhHZsPixttYoKwz2HhlxCF8J4eU9yjD3TswG2YqagYZ7Xu8FnPsjy1H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74b41a650f2c7576-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pdf.d2p52jrzwyy83.amplifyapp.com/css/album.css | 143.204.55.7 | 200 OK | 0 B |
URL HTTP/2pdf.d2p52jrzwyy83.amplifyapp.com/css/album.css IP143.204.55.7:0
Analyzer | Verdict | Alert | openphish | Office365 | |
GET /css/album.css HTTP/1.1
Host: pdf.d2p52jrzwyy83.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf.d2p52jrzwyy83.amplifyapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Thu, 15 Sep 2022 20:27:27 GMT
last-modified: Thu, 15 Sep 2022 04:02:16 GMT
etag: W/"6b947213f69368bcd6d52af846027b60"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nAUE85fRLYqqLy4O0CiXrGrQdb_TAaADoR4mm-hM6YdTP1Z_snrZGA==
X-Firefox-Spdy: h2
|
|