| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashcf768e41672570b0a4a9fe86045915fc 2249064a86b2ba11e28208b9fba1c9f1db4f3e9e a049499f78078df12f4d1c5180f1f36715a5c99db4f31c18ee06bcf0b6382b30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A049499F78078DF12F4D1C5180F1F36715A5C99DB4F31C18EE06BCF0B6382B30"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6053
Expires: Sun, 09 Oct 2022 19:53:00 GMT
Date: Sun, 09 Oct 2022 18:12:07 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash0abcbd2026091d840bb53609ce0d09b9 dcdc040d17262d2efcc03cad6361ee3d4f9f6d3f 25980535efad68788454fbcf263bdc4d05049a92ce0de73bc3f45aa0a84c87a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25980535EFAD68788454FBCF263BDC4D05049A92CE0DE73BC3F45AA0A84C87A7"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3302
Expires: Sun, 09 Oct 2022 19:07:09 GMT
Date: Sun, 09 Oct 2022 18:12:07 GMT
Connection: keep-alive
|
|
| getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 | 34.120.5.221 | 200 OK | 39 kB |
URL HTTP/2getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 IP34.120.5.221:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hash5ef1cf502c63449f5259a4a80d7fa957 f8fb48efb769a860c2035aa6beefb8bed36ed355 03e6858885b3e350243c471e8c87e0975380598f3d559ab869e553dc2f96f38a
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: xvl0gcbnR8WRrSztiHG7326L3rZK6Z_JN7-Oqw-rMmkCrgA_hKgkRg==
content-encoding: gzip
via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 18:11:16 GMT
age: 662
content-type: application/json
content-length: 38632
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7cba6aada5c0a04c1c0644769c09f64e ed02f174a9b718951911343af8ec181c6d205b1d ba863e734d5d38ed160758ab0b09d1b0f44fc795dcbcee4199329b011fcd1bd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA863E734D5D38ED160758AB0B09D1B0F44FC795DCBCEE4199329B011FCD1BD1"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17890
Expires: Sun, 09 Oct 2022 23:10:17 GMT
Date: Sun, 09 Oct 2022 18:12:07 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash48ca0beea419a9039591cf1aee5179e0 9e92629f505fcc07aab51221e8fe62197a23e307 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xAvrwYnB/Vfcmj+vMVtf2ELFeRMH08W5It4rcVvSqWoCOq7QcdyfFMgDFm4kOwbwxmpNuCHHwaM=
x-amz-request-id: C25TAXCWHJ2BFGNK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 09 Oct 2022 17:58:10 GMT
age: 837
last-modified: Wed, 11 May 2022 19:51:39 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/ | 99.84.11.99 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP99.84.11.99:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashbdb8b66c705a7b996496d780f50c00b5 403ae92039fcc933870f51f913f78ccaf9652256 c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 09 Oct 2022 18:07:14 GMT
Expires: Sun, 09 Oct 2022 18:25:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 25de4127038159040c9b8bcb29fd32bc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C2
X-Amz-Cf-Id: d16DlmITRIWp8UvSQBu9UJGRcIOunzVkJprCB0zHcKzQa4SFlGFagw==
Age: 293
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 09 Oct 2022 18:12:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| detectportal.firefox.com/success.txt?ipv4 | 34.107.221.82 | 200 OK | 8 B |
URL HTTP/1.1detectportal.firefox.com/success.txt?ipv4 IP34.107.221.82:0
Hashae780585f49b94ce1444eb7d28906123 7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sat, 08 Oct 2022 18:24:38 GMT
Age: 85649
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash918eae9a6dd1f9306084f841617e7f5f 10f42521d11b3734509b778fda7ae6e2280dd485 fde54c2a37eae4242d193c1479a44e4137adefc15ddcbe2ba3e341f0f14b7849
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4909
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 18:12:07 GMT
Last-Modified: Sun, 09 Oct 2022 16:50:18 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 99.84.11.11 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP99.84.11.11:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 09 Oct 2022 17:41:37 GMT
Cache-Control: max-age=3600
Expires: Sun, 09 Oct 2022 18:28:15 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 31b9a80773cc362c841cdf3c93e7e136.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C2
X-Amz-Cf-Id: Z-uiqPnOj_0Klc7jpAeph3hjgFg0wU8FLsuPRqzYgfJRcaZUZfmnyQ==
Age: 1831
|
|
| shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2 | 35.82.2.166 | 200 OK | 8 B |
URL HTTP/1.1shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2 IP35.82.2.166:0
Hash29fc57841962e407cb50c1be60284bf7 ce968a77e2996da5eee8925182318f171ccdce47 ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Sun, 09 Oct 2022 18:12:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash0e2d9e91637474eeaf391312eed441bd 5d29603c731b75308f7d1f584b3ac4c263c96a9e 7da864345088083e1a6fec2d95e07186ef8dbcef8505570e547844c556dfe3be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4167
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 18:12:08 GMT
Last-Modified: Sun, 09 Oct 2022 17:02:41 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 34.218.164.174 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP34.218.164.174:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LGwLLupAIxS03S3JtY/uBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: N/87cTBxYbTNwjwwTJCDtg12CHc=
|
|
| firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221665320273307%22 | 99.84.11.11 | 200 OK | 5.1 kB |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221665320273307%22 IP99.84.11.11:0
File typeJSON data\012- , ASCII text, with very long lines (21675), with no line terminators Hash59fcb9c96c9a490f02f2b37865040ab0 ccfced7f26e05f7f2d94e5ad7270ca2b060508ac 5ce447e1a86762ab46f25ae02a06456d88207dd1c7701d01c43f7de76eac4cf5
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221665320273307%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Content-Length, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Sun, 09 Oct 2022 12:57:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sun, 09 Oct 2022 18:01:57 GMT
Cache-Control: max-age=3600
Expires: Sun, 09 Oct 2022 18:02:00 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8583f64172baf458ac5712a4d1815fec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C2
X-Amz-Cf-Id: R27glodVb1LHXGQLRNtc8B8VwPYi-3CzaoGq4I-WcisRtkC8XGKQDQ==
Age: 612
|
|
| firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1664995039972&_since=%221653914271178%22 | 99.84.11.11 | 200 OK | 13 kB |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1664995039972&_since=%221653914271178%22 IP99.84.11.11:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hash35778aecfa8c5af73c727941b0f592c9 12012e956763d34695cdf2ba48cd576efedfe13f 9eb6fedb914d50a397e62d890446ef99413d14514d2afe1947920842a6b0ba67
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1664995039972&_since=%221653914271178%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 05 Oct 2022 18:37:19 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Sun, 09 Oct 2022 17:51:39 GMT
Cache-Control: max-age=3600
Expires: Sun, 09 Oct 2022 18:41:06 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8583f64172baf458ac5712a4d1815fec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C2
X-Amz-Cf-Id: p5rpDXGyxoFPSZKen07mPYFMu5__amH9JWOsLwv8dkF4xfIWnQjSng==
Age: 1740
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Zo49tOsl3EFU68CUgVQUJyGa1zFPAa+gqx7F2VVGoXgo6zO8vvh3dDIz/KPHy3JwmWVfGkoeeKs=
x-amz-request-id: WGB57NEAY00WS2PG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 09 Oct 2022 17:32:09 GMT
age: 2399
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/ | 99.84.11.11 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP99.84.11.11:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashbdb8b66c705a7b996496d780f50c00b5 403ae92039fcc933870f51f913f78ccaf9652256 c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 09 Oct 2022 18:07:14 GMT
Expires: Sun, 09 Oct 2022 18:25:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8583f64172baf458ac5712a4d1815fec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C2
X-Amz-Cf-Id: WD0oZh_sYq6PnqK_6RZVzXEHPWjzseVkphvh1cd_DNChSyRuAw-xhA==
Age: 295
|
|
| firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin | 99.84.11.109 | 200 OK | 796 kB |
URL HTTP/1.1firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin IP99.84.11.109:0
Size796 kB (795699 bytes) Hash9b95765b0e26af76116a95a966d61354 3f7c1b40fc999b83f3696f455402e49ab484b027 34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571
GET /staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 795699
Connection: keep-alive
Last-Modified: Mon, 27 Jun 2022 12:39:11 GMT
x-amz-version-id: 9np1boOrxtHVWzMczpbX1a.N_ewQWHDF
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 09 Oct 2022 05:44:18 GMT
ETag: "9b95765b0e26af76116a95a966d61354"
X-Cache: Hit from cloudfront
Via: 1.1 d8e4194950ed73984cb263c3c77a006c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C2
X-Amz-Cf-Id: txxAo1t2K9w307UDW7Svjv4qp6muRkOaydDfFwVfx1n0debv9riKjw==
Age: 44919
|
|
| vsywlcpioy.duckdns.org/index.html | 45.155.42.125 | 301 Moved Permanently | 162 B |
URL HTTP/1.1vsywlcpioy.duckdns.org/index.html IP45.155.42.125:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer | Verdict | Alert | urlquery | | DynDNS domain detected | fortinet | Malware | | quad9 | Sinkholed | |
GET /index.html HTTP/1.1
Host: vsywlcpioy.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 09 Oct 2022 18:12:07 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://vsywlcpioy.duckdns.org/index.html
Strict-Transport-Security: max-age=31536000
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1665273667383&_since=%221654732864402%22 | 99.84.11.11 | 200 OK | 12 kB |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1665273667383&_since=%221654732864402%22 IP99.84.11.11:0
File typeJSON data\012- , ASCII text, with very long lines (58917), with no line terminators Hashb4b689c1a6a0cd378130c7b06872c16f 94525d38b2766b6cb66f38243eca5c242555b7b9 cdb00be680d41a083ac36636c3e322f57927d30721576b1360e7ef8078149205
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1665273667383&_since=%221654732864402%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Content-Length, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Sun, 09 Oct 2022 00:01:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Sun, 09 Oct 2022 17:51:38 GMT
Cache-Control: max-age=3600
Expires: Sun, 09 Oct 2022 18:25:18 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8583f64172baf458ac5712a4d1815fec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C2
X-Amz-Cf-Id: iDbQkbIXv7a4_-MNKwSnG8z9XqGTgqcweVUO5JD88TPUTDExGapCFw==
Age: 2227
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22 | 99.84.11.11 | 200 OK | 5.5 kB |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22 IP99.84.11.11:0
File typeJSON data\012- , ASCII text, with very long lines (20424), with no line terminators Hashbcd6f18cc37db55be80b342165208818 9efb53b924ca98367bc4b55b111a39cba2f931f8 c36b60b3d2c181017d5bdab7c5978529b70c283001c0ed35bab8242b08a607fd
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 01 Sep 2022 14:54:45 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Cache-Control: max-age=3600
Date: Sun, 09 Oct 2022 17:26:41 GMT
Expires: Sun, 09 Oct 2022 18:23:23 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8583f64172baf458ac5712a4d1815fec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C2
X-Amz-Cf-Id: KiU4d-lbD8h23Hm2neIzRv3UqxN3Tudc496Rf-Jss4lDuLgRrnfVtg==
Age: 2728
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: VkG0im+mhvcS23lHKoOW4jT7HH+VSapb7+JnYS97LYeMlQJVeBYL4q5GNai8lfpEbkfJZJrV3iI=
x-amz-request-id: 4MV7DWR6KT57D3MN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 09 Oct 2022 17:17:58 GMT
age: 3251
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1665182464531&_since=%221654636467710%22 | 99.84.11.11 | 200 OK | 4.7 kB |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1665182464531&_since=%221654636467710%22 IP99.84.11.11:0
File typeASCII text, with very long lines (33411), with no line terminators Hashb9950cbdb6eb0075f5198fd425706d60 1617c74e70828d49a6a682c82659b4dd626b573d 672d0a9ac4928ad2d258bcb477696d028b7948ff6b13e635b31580fc4cdbc910
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1665182464531&_since=%221654636467710%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Content-Length, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 07 Oct 2022 22:41:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Sun, 09 Oct 2022 18:11:01 GMT
Cache-Control: max-age=3600
Expires: Sun, 09 Oct 2022 18:08:25 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8583f64172baf458ac5712a4d1815fec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C2
X-Amz-Cf-Id: cF0zn4CDukfBa0tDtX1Mq5ABEdgS1EPirrrXSiwAsPfXTodr8MBRnA==
Age: 3241
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashb5cf0255a785469b033344c2ec0ed394 a4a700c1c250cb10f175e67b4b11f2c94afb2bdb 191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11207
Expires: Sun, 09 Oct 2022 21:18:56 GMT
Date: Sun, 09 Oct 2022 18:12:09 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashb5cf0255a785469b033344c2ec0ed394 a4a700c1c250cb10f175e67b4b11f2c94afb2bdb 191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11207
Expires: Sun, 09 Oct 2022 21:18:56 GMT
Date: Sun, 09 Oct 2022 18:12:09 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashb5cf0255a785469b033344c2ec0ed394 a4a700c1c250cb10f175e67b4b11f2c94afb2bdb 191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11207
Expires: Sun, 09 Oct 2022 21:18:56 GMT
Date: Sun, 09 Oct 2022 18:12:09 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bc84c1e-fb86-480c-ae87-c8a7bc52cfb0.jpeg | 34.120.237.76 | 200 OK | 8.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bc84c1e-fb86-480c-ae87-c8a7bc52cfb0.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashee802dc4a72f3824dcab31ef95c48936 f987fdbbb21538b6f55f7dae713b59e234882456 0b6ce28ab1428c11ea6d215b3d21b44b85ca101b4885bf27f633153014ed1cf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bc84c1e-fb86-480c-ae87-c8a7bc52cfb0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8295
x-amzn-requestid: 0240dc68-f509-4a1f-a1c1-cd75e43d04d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZtHcHFuVoAMF-Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6341ec4d-74e538af2f56b9271f6370c1;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 21:31:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dR53uFDN1I7R9H7r2fmkEGIXuCY5FHGQd7LKz-H02trcasl3NoG2PA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:44:18 GMT
age: 73671
etag: "f987fdbbb21538b6f55f7dae713b59e234882456"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8b331e-bfda-41c1-ba28-37b8830016ea.jpeg | 34.120.237.76 | 200 OK | 5.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8b331e-bfda-41c1-ba28-37b8830016ea.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash49e54a4a59a61533078f561c32f254e3 6396e8bf68251d60f0c9949cb99b6f3f46b61d34 3dc5081efa3b7456e91eb8b437789246f7cbd4176b2042e6801dcbd5a145e83c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8b331e-bfda-41c1-ba28-37b8830016ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5282
x-amzn-requestid: 16029133-8119-4249-9447-f1d02ef00f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zj7n_GNtIAMFUlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e3fcc-6b5982c06383d5182132d5c6;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 02:39:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dc3qlfhgiv1MpP5aox0rAd24KDkiTRkyTjxtrPL01MpbnaVfZ7cmAA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:49:29 GMT
age: 73360
etag: "6396e8bf68251d60f0c9949cb99b6f3f46b61d34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6e9aa9808428e5fd81ac9d61d6f7c708 3a8d76badce50dd98938885082dcb6e30363ae88 d8f7c48a1cbe04af2f7e0455d1ef7af9b63506b9ae343ebf14ece8689bb06bf6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11800
x-amzn-requestid: 7bfb4e15-ea64-48b6-9e38-5d3e2d553863
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZQObZFveoAMFzpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63365de2-620d4fc015ad475203e906e9;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 03:09:22 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: btYc3mHTigZv3Bzl32D1z777hMKwf-pstyTS7Bp2eGmzbmGI4pIQXA==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:42:19 GMT
age: 73790
etag: "3a8d76badce50dd98938885082dcb6e30363ae88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2b15495e3e13c06fd0d67523870405ed 3cb8b43735e86c93733affa10818c47693c80fce f65edddef18295076f79a48e9a6c95d07ed244a2ae618cb4229b6c1bd434cd57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12187
x-amzn-requestid: 9768886f-0e17-4958-bdaf-e17385eb21d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjqJCHyNoAMFmDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e23d3-288e1d28057753a16893d6b5;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 00:39:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jm9hynO1KfuT2luShwOU_Ps2ZHxUAPwymP1Bi-V49MWWJ3ooQq7qVg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 22:26:18 GMT
age: 71151
etag: "3cb8b43735e86c93733affa10818c47693c80fce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg | 34.120.237.76 | 200 OK | 7.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashff8cfe3904cca89e3bdfa8186ae382ba 0b9dce744f5facad9a0a136d81cf24e928211856 a6f0925a9666a43d018c05d717310f57b86316290fb4a7cdd309c35842e557a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7674
x-amzn-requestid: 126f9400-fa43-413b-b496-338908efb777
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZeqScHUVoAMFrRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633c240f-1b7cff3e3415299a4d17e19e;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 12:16:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BjBiRKpvs2LQznegxhvMFrczSZGWXGSMvk3bxR8UPpcthRUUA2eTBg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:56:13 GMT
age: 72956
etag: "0b9dce744f5facad9a0a136d81cf24e928211856"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f1ce5b6-8998-4fc8-b1c4-d0c89c74fba6.jpeg | 34.120.237.76 | 200 OK | 8.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f1ce5b6-8998-4fc8-b1c4-d0c89c74fba6.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash954195baaeb3faefcb26cb04f1767465 bdba70f84d0c8f61b0cc4e99345a964ed9f46b9c efaafca7f8c638b1d92723745cbd02298afd4357e9bb7905e854921aaa51d271
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f1ce5b6-8998-4fc8-b1c4-d0c89c74fba6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8625
x-amzn-requestid: 0e74e6ca-2bfc-4b0e-8af4-630c2db9a6cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqhkHgIoAMFWDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8ad6-157ce0a07e1d98552bfd2bc1;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:10:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5KfbGKLcjLes0CI2YMiiNLqfDOOpgq819kFrRECTsHHHR7DgY7wCgg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 13:37:57 GMT
age: 16452
etag: "bdba70f84d0c8f61b0cc4e99345a964ed9f46b9c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22 | 99.84.11.11 | 200 OK | 825 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22 IP99.84.11.11:0
File typeJSON data\012- , ASCII text, with very long lines (1394), with no line terminators Hash323f63cea1e65bcba94765be51a8cad4 5ae1b62bce94b3c9de5cdf0bb3d61873e0667300 de2dfaadd3174377d4e4edb027b2abe3909fdfeb1537b4cbc1a56b700ce0be76
GET /v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:06:49 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=2592000
Date: Sun, 25 Sep 2022 09:31:21 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8583f64172baf458ac5712a4d1815fec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C2
X-Amz-Cf-Id: 4Uz33K8DRF79rNmgKlw5b71SF_Vc9pL5PE3TDcPtBmyPlc_w7zJcDA==
Age: 1240848
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22 | 99.84.11.11 | 200 OK | 3.3 kB |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22 IP99.84.11.11:0
File typeJSON data\012- , ASCII text, with very long lines (8682), with no line terminators Hash43ca54322d55fb59979cb10bc0b30a3e e2c56532fbe8201e4e9e25ac1a1926e2de00fdb5 75f3f51896ab455cc6462a4010bfb3653bf01c4239dbbd92bb9a814267accad6
GET /v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:07:26 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=2592000
Date: Fri, 30 Sep 2022 06:14:31 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8583f64172baf458ac5712a4d1815fec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C2
X-Amz-Cf-Id: mMb24flI_tmjP71TBEpRvDhW4Sgg32zxVi9xNEHY001_-F3Rz3i8_g==
Age: 820658
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22 | 99.84.11.11 | 200 OK | 3.4 kB |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22 IP99.84.11.11:0
File typeJSON data\012- , ASCII text, with very long lines (14029), with no line terminators Hashe7e74647424d9c39a17385a707c87ffd 880314757d8539e3b7ae6512ed941b8c4f6540c5 d7bd771e4a69a08d014f8dae26bee3b39f560054ea3ee2d0d1ce9504949e11b4
GET /v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 22 Aug 2022 20:25:49 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=2592000
Date: Sun, 25 Sep 2022 14:46:16 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8583f64172baf458ac5712a4d1815fec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C2
X-Amz-Cf-Id: KeAL6MEDuZ--VKli-XOw_tk0WJ0vO18g-W-W-gSeO_o6GaWo5vOcCw==
Age: 1221953
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22 | 99.84.11.11 | 200 OK | 1.4 kB |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22 IP99.84.11.11:0
File typeJSON data\012- , ASCII text, with very long lines (3677), with no line terminators Hashe8d5876bd017ba0daf99ebe09fa1a30f 9862568db8fd0c511dc7a9f8ed78ca28b4098d39 9dd4dc96f76b9e0189ede9d0c36dcbd5fff3fac2e7ddef8d12242275c8b81e32
GET /v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 03 Aug 2022 17:26:35 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Sun, 09 Oct 2022 17:51:39 GMT
Cache-Control: max-age=3600
Expires: Sun, 09 Oct 2022 18:37:41 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8583f64172baf458ac5712a4d1815fec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C2
X-Amz-Cf-Id: vSm_Z02i3FP_d49bg7UjHuErXywHrebr5grEvZNdSuMMxrv7Ow3Dcg==
Age: 1278
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash304e52d3953195acee60710df9d3885f 6e7ac80867b07104df38bf094d779309b2e3d1a8 79a9b4d2e70c594617135989666d8c544a30a34332afe37c1d25bd3d42a15153
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79A9B4D2E70C594617135989666D8C544A30A34332AFE37C1D25BD3D42A15153"
Last-Modified: Sat, 08 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18955
Expires: Sun, 09 Oct 2022 23:28:04 GMT
Date: Sun, 09 Oct 2022 18:12:09 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 | 99.84.11.11 | 200 OK | 682 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 IP99.84.11.11:0
File typeJSON data\012- , ASCII text, with very long lines (682), with no line terminators Hash2cf4438c61861d28e0f309366d09a530 f371c6c6cdafc75af9ab2df59a7f293c94e988da 6fd07a9b7155edc63c67a9bc41e7ea569807601c21a6d9635f488162873c4933
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 682
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, ETag, Expires, Cache-Control, Last-Modified, Content-Length, Content-Type, Pragma, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Tue, 04 Oct 2022 16:36:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 09 Oct 2022 18:04:27 GMT
Cache-Control: no-cache, no-store
ETag: "1664901415997"
X-Cache: Hit from cloudfront
Via: 1.1 8583f64172baf458ac5712a4d1815fec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C2
X-Amz-Cf-Id: XOD-7-NTnJmMDUgXd2ZEtfAfsaEJwdeoh3-GvVajUybzz9wS5xp4xQ==
Age: 466
|
|
| vsywlcpioy.duckdns.org/index.html | 45.155.42.125 | 200 OK | 153 B |
URL HTTP/2vsywlcpioy.duckdns.org/index.html IP45.155.42.125:0
File typeHTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Hash7a80bba4ab362108bd4ff2417bec04f5 d730bd12abfe7efe08cc0c6aac7cc42b6709848e 8e809c4758d2e2e020c34e9653623554ceea08e58427c491a64dfa8baa60b00c
Analyzer | Verdict | Alert | urlquery | | DynDNS domain detected | fortinet | Malware | | quad9 | Sinkholed | |
GET /index.html HTTP/1.1
Host: vsywlcpioy.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 09 Oct 2022 18:12:09 GMT
content-type: text/html; charset=utf-8
content-length: 153
access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Access-Control-Allow-Origin,Access-Control-Allow-Headers,Content-Type,X-Token,X-Requested-With,withCredentials
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Access-Control-Allow-Origin,Access-Control-Allow-Headers,Content-Type
set-cookie: sessionid=a52b76ff883c8f5453e5276d99782fe7; Path=/; HttpOnly
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 | 99.84.11.11 | 200 OK | 959 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 IP99.84.11.11:0
File typeJSON data\012- , ASCII text, with very long lines (1709), with no line terminators Hashd68cb9cd07d27d0593a1e9708cb6aa63 7c549c87461cc734b0edd45de85614ae567e7b7c 30dcd3093be9cc38ba12010d7e925f20c989a0e2962c52d9aec6e9acfa2736a6
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sun, 09 Oct 2022 17:45:39 GMT
Cache-Control: max-age=3600
Expires: Sun, 09 Oct 2022 17:38:32 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8583f64172baf458ac5712a4d1815fec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C2
X-Amz-Cf-Id: B8MXfBl7SVnZ4O_PHkJExd2Ci_Ld0yg4QEZLc0ajkjVZyKI1-BkuyA==
Age: 2024
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22 | 99.84.11.11 | 200 OK | 1.1 kB |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22 IP99.84.11.11:0
File typeJSON data\012- , ASCII text, with very long lines (2194), with no line terminators Hash4286df03a653e5b403e88a8d28933306 8f974648aef7d271443707ce3a6eba8d9a117872 16e99009a0917eedd380140055d06b29d6709bd469d694d078c013f7c104367a
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 13 Jul 2022 21:25:10 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=2592000
Date: Sun, 02 Oct 2022 13:32:31 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8583f64172baf458ac5712a4d1815fec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C2
X-Amz-Cf-Id: p9JlBFYrCvA7x3aDovtW0ZgeBXJcxpD1tx1lEX0NajFp-xchjWsSdw==
Age: 621578
|
|
| vsywlcpioy.duckdns.org/favicon.ico | 45.155.42.125 | 404 Not Found | 0 B |
URL HTTP/2vsywlcpioy.duckdns.org/favicon.ico IP45.155.42.125:0
Analyzer | Verdict | Alert | urlquery | | DynDNS domain detected | quad9 | Sinkholed | |
GET /favicon.ico HTTP/1.1
Host: vsywlcpioy.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vsywlcpioy.duckdns.org/index.html
Cookie: sessionid=a52b76ff883c8f5453e5276d99782fe7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 09 Oct 2022 18:12:10 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Access-Control-Allow-Origin,Access-Control-Allow-Headers,Content-Type,X-Token,X-Requested-With,withCredentials
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Access-Control-Allow-Origin,Access-Control-Allow-Headers,Content-Type
content-encoding: gzip
X-Firefox-Spdy: h2
|
|