Report - login.global.volvocars.biz/nidp/saml2/sso?SAMLRequest=fZJbb4IwGIb/Cum9VCrobISE6cVM3EaE7WI3SymdNKkt61fc4dcPZAe3ZF737fMe8i2A7VVD09bVeiueWwHOe90rDfT4EKPWamoYSKCa7QVQx2meXm8o8ce0scYZbhTyUgBhnTR6aTS0e2FzYQ+Si7vtJka1cw1QjKuq8Q9GHQxnFvxSvuO8lmVplHC1D2BwDyY4u80L5K26JFKznvlDUGYntb9TpmTqD0rLqsF9ZoI7FPLWqxg9ji94EM14GEZ8RoKKz8PptHwSUTCZzDmZiU4G0Iq1Bse0ixEZk8loHIzItAgCGk5pNHtAXvZZ81LqSurd+U3KQQT0qiiy0dDlXlg49ugEKFn0KenR2J5sfR7LvgZGyf9zwvecC3xiMjg29KajrleZUZK/ealS5mVpBXMiRgHCyfDl9ykkHw==&RelayState=ss:mem:c35815e97173b3bc8214423be5dbb3bebd6e4c3428190d0ef4eb0d9af7a46ace

Report Overview

Submitted URL
login.global.volvocars.biz/nidp/saml2/sso?SAMLRequest=fZJbb4IwGIb/Cum9VCrobISE6cVM3EaE7WI3SymdNKkt61fc4dcPZAe3ZF737fMe8i2A7VVD09bVeiueWwHOe90rDfT4EKPWamoYSKCa7QVQx2meXm8o8ce0scYZbhTyUgBhnTR6aTS0e2FzYQ+Si7vtJka1cw1QjKuq8Q9GHQxnFvxSvuO8lmVplHC1D2BwDyY4u80L5K26JFKznvlDUGYntb9TpmTqD0rLqsF9ZoI7FPLWqxg9ji94EM14GEZ8RoKKz8PptHwSUTCZzDmZiU4G0Iq1Bse0ixEZk8loHIzItAgCGk5pNHtAXvZZ81LqSurd+U3KQQT0qiiy0dDlXlg49ugEKFn0KenR2J5sfR7LvgZGyf9zwvecC3xiMjg29KajrleZUZK/ealS5mVpBXMiRgHCyfDl9ykkHw==&RelayState=ss:mem:c35815e97173b3bc8214423be5dbb3bebd6e4c3428190d0ef4eb0d9af7a46ace
IP
20.54.186.168
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-01-26 11:47:32
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	763 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.189.85.130
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
login.global.volvocars.biz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	601 kB	20.54.186.168
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-26 11:47:12	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-01-26 11:47:12	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-01-26 11:47:12	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	login.global.volvocars.biz/nidp/saml2/sso?SAMLRequest=fZJbb4IwGIb/Cum9VCrobISE6cVM3EaE7WI3SymdNKkt61fc4dcPZAe3ZF737fMe8i2A7VVD09bVeiueWwHOe90rDfT4EKPWamoYSKCa7QVQx2meXm8o8ce0scYZbhTyUgBhnTR6aTS0e2FzYQ+Si7vtJka1cw1QjKuq8Q9GHQxnFvxSvuO8lmVplHC1D2BwDyY4u80L5K26JFKznvlDUGYntb9TpmTqD0rLqsF9ZoI7FPLWqxg9ji94EM14GEZ8RoKKz8PptHwSUTCZzDmZiU4G0Iq1Bse0ixEZk8loHIzItAgCGk5pNHtAXvZZ81LqSurd+U3KQQT0qiiy0dDlXlg49ugEKFn0KenR2J5sfR7LvgZGyf9zwvecC3xiMjg29KajrleZUZK/ealS5mVpBXMiRgHCyfDl9ykkHw==&RelayState=ss:mem:c35815e97173b3bc8214423be5dbb3bebd6e4c3428190d0ef4eb0d9af7a46ace	86 B	2023-03-12	2023-03-14
Pretty URL login.global.volvocars.biz/nidp/saml2/sso?SAMLRequest=fZJbb4IwGIb/Cum9VCrobISE6cVM3EaE7WI3SymdNKkt61fc4dcPZAe3ZF737fMe8i2A7VVD09bVeiueWwHOe90rDfT4EKPWamoYSKCa7QVQx2meXm8o8ce0scYZbhTyUgBhnTR6aTS0e2FzYQ+Si7vtJka1cw1QjKuq8Q9GHQxnFvxSvuO8lmVplHC1D2BwDyY4u80L5K26JFKznvlDUGYntb9TpmTqD0rLqsF9ZoI7FPLWqxg9ji94EM14GEZ8RoKKz8PptHwSUTCZzDmZiU4G0Iq1Bse0ixEZk8loHIzItAgCGk5pNHtAXvZZ81LqSurd+U3KQQT0qiiy0dDlXlg49ugEKFn0KenR2J5sfR7LvgZGyf9zwvecC3xiMjg29KajrleZUZK/ealS5mVpBXMiRgHCyfDl9ykkHw==&RelayState=ss:mem:c35815e97173b3bc8214423be5dbb3bebd6e4c3428190d0ef4eb0d9af7a46ace IP 20.54.186.168 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:03:49 Last Seen2023-03-14 08:18:52 Times Seen1 Hash 1f5f9d3760a796d1cdf4711fe77a8470 2b4fe1b74cd86a736a9a1dee8d93fe217ed3a11b 34a025722abd4546c2b429e0b2207770405dd0af6f303be21c8ebe134bdcaca1 Loading...

	login.global.volvocars.biz/nidp/images/vcc/src/jquery-1.7.2.min.js	95 kB	2023-03-07	2024-04-25
Pretty URL login.global.volvocars.biz/nidp/images/vcc/src/jquery-1.7.2.min.js IP 20.54.186.168 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-04-25 23:22:04 Times Seen13773 Hash b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Loading...

	login.global.volvocars.biz/nidp/images/vcc/src/ie-emulation-modes-warning.js	2.2 kB	2023-03-07	2023-11-20
Pretty URL login.global.volvocars.biz/nidp/images/vcc/src/ie-emulation-modes-warning.js IP 20.54.186.168 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:36 Last Seen2023-11-20 05:06:14 Times Seen5 Hash eeae8e727506b74e63a540d9dbeb9719 cb2d9ab24e79ace7d1158b4017f988b2d822c013 4865ffd276f3237560a277196880f84db333e25601ea68a9f97e8eeeab4d1763 Loading...

	login.global.volvocars.biz/nidp/images/vcc/src/ie10-viewport-bug-workaround.js	662 B	2023-03-07	2024-01-05
Pretty URL login.global.volvocars.biz/nidp/images/vcc/src/ie10-viewport-bug-workaround.js IP 20.54.186.168 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:36 Last Seen2024-01-05 08:28:28 Times Seen18 Hash cb70061bb97adbe73f7a82e851d94611 4298dbe9b38428a76c410ad346f55a16d2e75ec5 4c47a96380865bff32cb084e596fbba52f3ba44ff7c2eb92c6ff2885ceb8785a Loading...

HTTP Transactions (34)

	URL	IP	Response	Size
	login.global.volvocars.biz/nidp/saml2/sso?SAMLRequest=fZJbb4IwGIb/Cum9VCrobISE6cVM3EaE7WI3SymdNKkt61fc4dcPZAe3ZF737fMe8i2A7VVD09bVeiueWwHOe90rDfT4EKPWamoYSKCa7QVQx2meXm8o8ce0scYZbhTyUgBhnTR6aTS0e2FzYQ+Si7vtJka1cw1QjKuq8Q9GHQxnFvxSvuO8lmVplHC1D2BwDyY4u80L5K26JFKznvlDUGYntb9TpmTqD0rLqsF9ZoI7FPLWqxg9ji94EM14GEZ8RoKKz8PptHwSUTCZzDmZiU4G0Iq1Bse0ixEZk8loHIzItAgCGk5pNHtAXvZZ81LqSurd+U3KQQT0qiiy0dDlXlg49ugEKFn0KenR2J5sfR7LvgZGyf9zwvecC3xiMjg29KajrleZUZK/ealS5mVpBXMiRgHCyfDl9ykkHw==&RelayState=ss:mem:c35815e97173b3bc8214423be5dbb3bebd6e4c3428190d0ef4eb0d9af7a46ace	20.54.186.168	302 Moved Temporarily	0 B
URL HTTP/1.0 login.global.volvocars.biz/nidp/saml2/sso?SAMLRequest=fZJbb4IwGIb/Cum9VCrobISE6cVM3EaE7WI3SymdNKkt61fc4dcPZAe3ZF737fMe8i2A7VVD09bVeiueWwHOe90rDfT4EKPWamoYSKCa7QVQx2meXm8o8ce0scYZbhTyUgBhnTR6aTS0e2FzYQ+Si7vtJka1cw1QjKuq8Q9GHQxnFvxSvuO8lmVplHC1D2BwDyY4u80L5K26JFKznvlDUGYntb9TpmTqD0rLqsF9ZoI7FPLWqxg9ji94EM14GEZ8RoKKz8PptHwSUTCZzDmZiU4G0Iq1Bse0ixEZk8loHIzItAgCGk5pNHtAXvZZ81LqSurd+U3KQQT0qiiy0dDlXlg49ugEKFn0KenR2J5sfR7LvgZGyf9zwvecC3xiMjg29KajrleZUZK/ealS5mVpBXMiRgHCyfDl9ykkHw==&RelayState=ss:mem:c35815e97173b3bc8214423be5dbb3bebd6e4c3428190d0ef4eb0d9af7a46ace IP 20.54.186.168:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /nidp/saml2/sso?SAMLRequest=fZJbb4IwGIb/Cum9VCrobISE6cVM3EaE7WI3SymdNKkt61fc4dcPZAe3ZF737fMe8i2A7VVD09bVeiueWwHOe90rDfT4EKPWamoYSKCa7QVQx2meXm8o8ce0scYZbhTyUgBhnTR6aTS0e2FzYQ+Si7vtJka1cw1QjKuq8Q9GHQxnFvxSvuO8lmVplHC1D2BwDyY4u80L5K26JFKznvlDUGYntb9TpmTqD0rLqsF9ZoI7FPLWqxg9ji94EM14GEZ8RoKKz8PptHwSUTCZzDmZiU4G0Iq1Bse0ixEZk8loHIzItAgCGk5pNHtAXvZZ81LqSurd+U3KQQT0qiiy0dDlXlg49ugEKFn0KenR2J5sfR7LvgZGyf9zwvecC3xiMjg29KajrleZUZK/ealS5mVpBXMiRgHCyfDl9ykkHw==&RelayState=ss:mem:c35815e97173b3bc8214423be5dbb3bebd6e4c3428190d0ef4eb0d9af7a46ace HTTP/1.1 Host: login.global.volvocars.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1 HTTP/1.0 302 Moved Temporarily Location: https://login.global.volvocars.biz/nidp/saml2/sso?SAMLRequest=fZJbb4IwGIb/Cum9VCrobISE6cVM3EaE7WI3SymdNKkt61fc4dcPZAe3ZF737fMe8i2A7VVD09bVeiueWwHOe90rDfT4EKPWamoYSKCa7QVQx2meXm8o8ce0scYZbhTyUgBhnTR6aTS0e2FzYQ+Si7vtJka1cw1QjKuq8Q9GHQxnFvxSvuO8lmVplHC1D2BwDyY4u80L5K26JFKznvlDUGYntb9TpmTqD0rLqsF9ZoI7FPLWqxg9ji94EM14GEZ8RoKKz8PptHwSUTCZzDmZiU4G0Iq1Bse0ixEZk8loHIzItAgCGk5pNHtAXvZZ81LqSurd+U3KQQT0qiiy0dDlXlg49ugEKFn0KenR2J5sfR7LvgZGyf9zwvecC3xiMjg29KajrleZUZK/ealS5mVpBXMiRgHCyfDl9ykkHw==&RelayState=ss:mem:c35815e97173b3bc8214423be5dbb3bebd6e4c3428190d0ef4eb0d9af7a46ace Server: BigIP Connection: Keep-Alive Content-Length: 0

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash f5e46725831d8d722872bf68d752f4c5 cf37793a1b73e3f84fe6c37fb27382c83b49dbc0 0582b6180687dd95c7fd728f1b9db4495b807151e309b608ad203d69708f9da6 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0582B6180687DD95C7FD728F1B9DB4495B807151E309B608AD203D69708F9DA6" Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7670 Expires: Thu, 26 Jan 2023 13:55:04 GMT Date: Thu, 26 Jan 2023 11:47:14 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 58ffdcb539c3b250fdf31ed761627fc1 5b55b1522ef84c39b5c42f9bbfbc62b806c1269f eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63" Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3872 Expires: Thu, 26 Jan 2023 12:51:46 GMT Date: Thu, 26 Jan 2023 11:47:14 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bf0c602d32b3c14606f22a86183b5e3c 6eabd8d83475eba731968abe1a05a8bfd272f160 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 26 Jan 2023 11:35:16 GMT content-type: application/json age: 718 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 49049f3c92aad686cd7ff28ecd2a5a4f 9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57 02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015" Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12447 Expires: Thu, 26 Jan 2023 15:14:41 GMT Date: Thu, 26 Jan 2023 11:47:14 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: qf/lVB4PZaHC/tv52InvZcVExOW1JX9kamp2Q8PUIXFR758RFbRC+PWvsYJ1jA3j1wcOpA1vXi0= x-amz-request-id: VG98HS4YD7RGJGGV content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 26 Jan 2023 11:20:04 GMT age: 1630 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Thu, 26 Jan 2023 11:47:14 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 02e06a588b45aca3dd1621f1053f1107 22c79f4fd5715c116a3b63bb2c3afe47619a3aa5 c09a5d4e8539fa37416c83888524ba8c29be62826bb5fd66b19c875aa6457a92 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: max-age=166806 Content-Type: application/ocsp-response Date: Thu, 26 Jan 2023 11:47:15 GMT Etag: "63d250d9-1d7" Expires: Sat, 28 Jan 2023 10:07:21 GMT Last-Modified: Thu, 26 Jan 2023 10:07:21 GMT Server: nginx Content-Length: 471`

	login.global.volvocars.biz/nidp/saml2/sso?SAMLRequest=fZJbb4IwGIb/Cum9VCrobISE6cVM3EaE7WI3SymdNKkt61fc4dcPZAe3ZF737fMe8i2A7VVD09bVeiueWwHOe90rDfT4EKPWamoYSKCa7QVQx2meXm8o8ce0scYZbhTyUgBhnTR6aTS0e2FzYQ+Si7vtJka1cw1QjKuq8Q9GHQxnFvxSvuO8lmVplHC1D2BwDyY4u80L5K26JFKznvlDUGYntb9TpmTqD0rLqsF9ZoI7FPLWqxg9ji94EM14GEZ8RoKKz8PptHwSUTCZzDmZiU4G0Iq1Bse0ixEZk8loHIzItAgCGk5pNHtAXvZZ81LqSurd+U3KQQT0qiiy0dDlXlg49ugEKFn0KenR2J5sfR7LvgZGyf9zwvecC3xiMjg29KajrleZUZK/ealS5mVpBXMiRgHCyfDl9ykkHw==&RelayState=ss:mem:c35815e97173b3bc8214423be5dbb3bebd6e4c3428190d0ef4eb0d9af7a46ace	20.54.186.168	200	436 B
URL HTTP/1.1 login.global.volvocars.biz/nidp/saml2/sso?SAMLRequest=fZJbb4IwGIb/Cum9VCrobISE6cVM3EaE7WI3SymdNKkt61fc4dcPZAe3ZF737fMe8i2A7VVD09bVeiueWwHOe90rDfT4EKPWamoYSKCa7QVQx2meXm8o8ce0scYZbhTyUgBhnTR6aTS0e2FzYQ+Si7vtJka1cw1QjKuq8Q9GHQxnFvxSvuO8lmVplHC1D2BwDyY4u80L5K26JFKznvlDUGYntb9TpmTqD0rLqsF9ZoI7FPLWqxg9ji94EM14GEZ8RoKKz8PptHwSUTCZzDmZiU4G0Iq1Bse0ixEZk8loHIzItAgCGk5pNHtAXvZZ81LqSurd+U3KQQT0qiiy0dDlXlg49ugEKFn0KenR2J5sfR7LvgZGyf9zwvecC3xiMjg29KajrleZUZK/ealS5mVpBXMiRgHCyfDl9ykkHw==&RelayState=ss:mem:c35815e97173b3bc8214423be5dbb3bebd6e4c3428190d0ef4eb0d9af7a46ace IP 20.54.186.168:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size 436 B (436 bytes) Hash f55412fa7b9b9600b950fcdbbcffe399 36362eef6f0f3ff9ec16399fea871d75a109213c fec14f2ce646516a23c3119ee100c97c33e177d63895b451de19353e67fa08db HTTP Headers GET /nidp/saml2/sso?SAMLRequest=fZJbb4IwGIb/Cum9VCrobISE6cVM3EaE7WI3SymdNKkt61fc4dcPZAe3ZF737fMe8i2A7VVD09bVeiueWwHOe90rDfT4EKPWamoYSKCa7QVQx2meXm8o8ce0scYZbhTyUgBhnTR6aTS0e2FzYQ+Si7vtJka1cw1QjKuq8Q9GHQxnFvxSvuO8lmVplHC1D2BwDyY4u80L5K26JFKznvlDUGYntb9TpmTqD0rLqsF9ZoI7FPLWqxg9ji94EM14GEZ8RoKKz8PptHwSUTCZzDmZiU4G0Iq1Bse0ixEZk8loHIzItAgCGk5pNHtAXvZZ81LqSurd+U3KQQT0qiiy0dDlXlg49ugEKFn0KenR2J5sfR7LvgZGyf9zwvecC3xiMjg29KajrleZUZK/ealS5mVpBXMiRgHCyfDl9ykkHw==&RelayState=ss:mem:c35815e97173b3bc8214423be5dbb3bebd6e4c3428190d0ef4eb0d9af7a46ace HTTP/1.1 Host: login.global.volvocars.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 `HTTP/1.1 200 X-FRAME-OPTIONS: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Set-Cookie: JSESSIONID=C9A939DE5157774BBAD7616CDE2C7638; Path=/nidp; Secure; HttpOnly UrnNovellNidpClusterMemberId=~03~02fca~1C~14~16lpy; Path=/nidp; Secure; HttpOnly Pragma: No-cache Cache-Control: no-cache Content-Type: text/html;charset=UTF-8 Content-Length: 436 Date: Thu, 26 Jan 2023 11:47:14 GMT Keep-Alive: timeout=60 Connection: keep-alive`

	login.global.volvocars.biz/nidp/app/login?id=vcc-connect&sid=0&option=credential&sid=0	20.54.186.168	200	5.2 kB
URL HTTP/1.1 login.global.volvocars.biz/nidp/app/login?id=vcc-connect&sid=0&option=credential&sid=0 IP 20.54.186.168:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (420) Size 5.2 kB (5189 bytes) Hash c839a2d3398dc98263a678ddf6217b81 414e51e9e3dbb701e7bb7bd3d169dc002e375a98 6cd5670ec4e0a2702f45948ab0086b79a1dc57284cbb2f0cbd8e8bd98190d57c HTTP Headers POST /nidp/app/login?id=vcc-connect&sid=0&option=credential&sid=0 HTTP/1.1 Host: login.global.volvocars.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 0 Origin: https://login.global.volvocars.biz Connection: keep-alive Referer: https://login.global.volvocars.biz/nidp/saml2/sso?SAMLRequest=fZJbb4IwGIb/Cum9VCrobISE6cVM3EaE7WI3SymdNKkt61fc4dcPZAe3ZF737fMe8i2A7VVD09bVeiueWwHOe90rDfT4EKPWamoYSKCa7QVQx2meXm8o8ce0scYZbhTyUgBhnTR6aTS0e2FzYQ+Si7vtJka1cw1QjKuq8Q9GHQxnFvxSvuO8lmVplHC1D2BwDyY4u80L5K26JFKznvlDUGYntb9TpmTqD0rLqsF9ZoI7FPLWqxg9ji94EM14GEZ8RoKKz8PptHwSUTCZzDmZiU4G0Iq1Bse0ixEZk8loHIzItAgCGk5pNHtAXvZZ81LqSurd+U3KQQT0qiiy0dDlXlg49ugEKFn0KenR2J5sfR7LvgZGyf9zwvecC3xiMjg29KajrleZUZK/ealS5mVpBXMiRgHCyfDl9ykkHw==&RelayState=ss:mem:c35815e97173b3bc8214423be5dbb3bebd6e4c3428190d0ef4eb0d9af7a46ace Cookie: JSESSIONID=C9A939DE5157774BBAD7616CDE2C7638; UrnNovellNidpClusterMemberId=~03~02fca~1C~14~16lpy Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin HTTP/1.1 200 X-FRAME-OPTIONS: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block via-ESP: null,NIDPLOGGING.600105004 session33-C9A939DE5157774BBAD7616CDE2C7638, null,NIDPLOGGING.600105004 session33-C9A939DE5157774BBAD7616CDE2C7638,NIDPLOGGING.600105002 session220-C9A939DE5157774BBAD7616CDE2C7638 Pragma: No-cache Cache-Control: no-cache Content-Type: text/html;charset=UTF-8 Content-Length: 5189 Date: Thu, 26 Jan 2023 11:47:14 GMT Keep-Alive: timeout=60 Connection: keep-alive

	login.global.volvocars.biz/nidp/images/vcc/src/ie10-viewport-bug-workaround.css	20.54.186.168	200	444 B
URL HTTP/1.1 login.global.volvocars.biz/nidp/images/vcc/src/ie10-viewport-bug-workaround.css IP 20.54.186.168:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type ASCII text, with CRLF line terminators Size 444 B (444 bytes) Hash 44b019095e00d3455b3f7747a2c860ea a5eaceaf150514fcdb10f7f9a182a9d31b0ebfff a06edaecf27d307abdec187622eb79d7edeaeaa649e39857a9bf7aede7b8a8eb HTTP Headers GET /nidp/images/vcc/src/ie10-viewport-bug-workaround.css HTTP/1.1 Host: login.global.volvocars.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.global.volvocars.biz/nidp/app/login?id=vcc-connect&sid=0&option=credential&sid=0 Cookie: JSESSIONID=C9A939DE5157774BBAD7616CDE2C7638; UrnNovellNidpClusterMemberId=~03~02fca~1C~14~16lpy Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 X-FRAME-OPTIONS: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Accept-Ranges: bytes ETag: W/"444-1601894751000" Last-Modified: Mon, 05 Oct 2020 10:45:51 GMT Content-Type: text/css Content-Length: 444 Date: Thu, 26 Jan 2023 11:47:14 GMT Keep-Alive: timeout=60 Connection: keep-alive`

	login.global.volvocars.biz/nidp/images/vcc/src/ie-emulation-modes-warning.js	20.54.186.168	200	2.2 kB
URL HTTP/1.1 login.global.volvocars.biz/nidp/images/vcc/src/ie-emulation-modes-warning.js IP 20.54.186.168:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type ASCII text, with CRLF line terminators Size 2.2 kB (2179 bytes) Hash eeae8e727506b74e63a540d9dbeb9719 cb2d9ab24e79ace7d1158b4017f988b2d822c013 4865ffd276f3237560a277196880f84db333e25601ea68a9f97e8eeeab4d1763 HTTP Headers GET /nidp/images/vcc/src/ie-emulation-modes-warning.js HTTP/1.1 Host: login.global.volvocars.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.global.volvocars.biz/nidp/app/login?id=vcc-connect&sid=0&option=credential&sid=0 Cookie: JSESSIONID=C9A939DE5157774BBAD7616CDE2C7638; UrnNovellNidpClusterMemberId=~03~02fca~1C~14~16lpy Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 X-FRAME-OPTIONS: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Accept-Ranges: bytes ETag: W/"2179-1601894751000" Last-Modified: Mon, 05 Oct 2020 10:45:51 GMT Content-Type: text/javascript Content-Length: 2179 Date: Thu, 26 Jan 2023 11:47:14 GMT Keep-Alive: timeout=60 Connection: keep-alive`

	login.global.volvocars.biz/nidp/images/vcc/src/signin.css	20.54.186.168	200	6.1 kB
URL HTTP/1.1 login.global.volvocars.biz/nidp/images/vcc/src/signin.css IP 20.54.186.168:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type ASCII text, with CRLF line terminators Size 6.1 kB (6131 bytes) Hash 068915dad4fc114435707ca783350522 d8ebb43c990cce32491d683723cb720409db3ea1 3c39cfa4651e75b15a43e013ac32052dc2427236ceeda68836ef9ff2008083e4 HTTP Headers GET /nidp/images/vcc/src/signin.css HTTP/1.1 Host: login.global.volvocars.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.global.volvocars.biz/nidp/app/login?id=vcc-connect&sid=0&option=credential&sid=0 Cookie: JSESSIONID=C9A939DE5157774BBAD7616CDE2C7638; UrnNovellNidpClusterMemberId=~03~02fca~1C~14~16lpy Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 X-FRAME-OPTIONS: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Accept-Ranges: bytes ETag: W/"6131-1647183384000" Last-Modified: Sun, 13 Mar 2022 14:56:24 GMT Content-Type: text/css Content-Length: 6131 Date: Thu, 26 Jan 2023 11:47:14 GMT Keep-Alive: timeout=60 Connection: keep-alive`

	login.global.volvocars.biz/nidp/images/vcc/src/ie10-viewport-bug-workaround.js	20.54.186.168	200	662 B
URL HTTP/1.1 login.global.volvocars.biz/nidp/images/vcc/src/ie10-viewport-bug-workaround.js IP 20.54.186.168:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type ASCII text, with CRLF line terminators Size 662 B (662 bytes) Hash cb70061bb97adbe73f7a82e851d94611 4298dbe9b38428a76c410ad346f55a16d2e75ec5 4c47a96380865bff32cb084e596fbba52f3ba44ff7c2eb92c6ff2885ceb8785a HTTP Headers GET /nidp/images/vcc/src/ie10-viewport-bug-workaround.js HTTP/1.1 Host: login.global.volvocars.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.global.volvocars.biz/nidp/app/login?id=vcc-connect&sid=0&option=credential&sid=0 Cookie: JSESSIONID=C9A939DE5157774BBAD7616CDE2C7638; UrnNovellNidpClusterMemberId=~03~02fca~1C~14~16lpy Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 X-FRAME-OPTIONS: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Accept-Ranges: bytes ETag: W/"662-1613733974000" Last-Modified: Fri, 19 Feb 2021 11:26:14 GMT Content-Type: text/javascript Content-Length: 662 Date: Thu, 26 Jan 2023 11:47:14 GMT Keep-Alive: timeout=60 Connection: keep-alive`

	login.global.volvocars.biz/nidp/images/vcc/src/bootstrap.min.css	20.54.186.168	200	121 kB
URL HTTP/1.1 login.global.volvocars.biz/nidp/images/vcc/src/bootstrap.min.css IP 20.54.186.168:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type ASCII text, with very long lines (65367), with CRLF line terminators Size 121 kB (121205 bytes) Hash 149a9ed657712c905f986726c80df59c fcabf5715bc451718526a6120b13c21793798e91 5f1127c388114a88e2dfe666ac583b778acd9b07a7188fa4157d1817a968bee3 HTTP Headers GET /nidp/images/vcc/src/bootstrap.min.css HTTP/1.1 Host: login.global.volvocars.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.global.volvocars.biz/nidp/app/login?id=vcc-connect&sid=0&option=credential&sid=0 Cookie: JSESSIONID=C9A939DE5157774BBAD7616CDE2C7638; UrnNovellNidpClusterMemberId=~03~02fca~1C~14~16lpy Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 X-FRAME-OPTIONS: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Accept-Ranges: bytes ETag: W/"121205-1647183399000" Last-Modified: Sun, 13 Mar 2022 14:56:39 GMT Content-Type: text/css Content-Length: 121205 Date: Thu, 26 Jan 2023 11:47:14 GMT Keep-Alive: timeout=60 Connection: keep-alive`

	login.global.volvocars.biz/nidp/images/vcc/src/jquery-1.7.2.min.js	20.54.186.168	200	95 kB
URL HTTP/1.1 login.global.volvocars.biz/nidp/images/vcc/src/jquery-1.7.2.min.js IP 20.54.186.168:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769) Size 95 kB (94840 bytes) Hash b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 HTTP Headers GET /nidp/images/vcc/src/jquery-1.7.2.min.js HTTP/1.1 Host: login.global.volvocars.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.global.volvocars.biz/nidp/app/login?id=vcc-connect&sid=0&option=credential&sid=0 Cookie: JSESSIONID=C9A939DE5157774BBAD7616CDE2C7638; UrnNovellNidpClusterMemberId=~03~02fca~1C~14~16lpy Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 X-FRAME-OPTIONS: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Accept-Ranges: bytes ETag: W/"94840-1601894751000" Last-Modified: Mon, 05 Oct 2020 10:45:51 GMT Content-Type: text/javascript Content-Length: 94840 Date: Thu, 26 Jan 2023 11:47:14 GMT Keep-Alive: timeout=60 Connection: keep-alive`

	login.global.volvocars.biz/nidp/images/vcc/img/volvo-wordmark-white.svg	20.54.186.168	200	1.5 kB
URL HTTP/1.1 login.global.volvocars.biz/nidp/images/vcc/img/volvo-wordmark-white.svg IP 20.54.186.168:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1456), with no line terminators Size 1.5 kB (1456 bytes) Hash 2e480e39addf461b3f298a005f8c6188 e305e657d4014ed70189ca6ab5b5b160a387ef2f 90d124baa451b2e1687cdf6f56892458305b4fe5a4d5576ca1d387792f66f0bf HTTP Headers GET /nidp/images/vcc/img/volvo-wordmark-white.svg HTTP/1.1 Host: login.global.volvocars.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.global.volvocars.biz/nidp/app/login?id=vcc-connect&sid=0&option=credential&sid=0 Cookie: JSESSIONID=C9A939DE5157774BBAD7616CDE2C7638; UrnNovellNidpClusterMemberId=~03~02fca~1C~14~16lpy Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 X-FRAME-OPTIONS: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Accept-Ranges: bytes ETag: W/"1456-1646998333000" Last-Modified: Fri, 11 Mar 2022 11:32:13 GMT Content-Type: image/svg+xml Content-Length: 1456 Date: Thu, 26 Jan 2023 11:47:14 GMT Keep-Alive: timeout=60 Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 26 Jan 2023 10:49:01 GMT age: 3494 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c398b6b39d11d25b8ae9bc5cd94a1c98 640aa8c399ced71d0c2a9f5a90fbaf091b01d642 a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855" Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17057 Expires: Thu, 26 Jan 2023 16:31:32 GMT Date: Thu, 26 Jan 2023 11:47:15 GMT Connection: keep-alive`

	login.global.volvocars.biz/nidp/images/vcc/img/bg-bottom-square.png	20.54.186.168	200	924 B
URL HTTP/1.1 login.global.volvocars.biz/nidp/images/vcc/img/bg-bottom-square.png IP 20.54.186.168:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data Size 924 B (924 bytes) Hash 9f0518c28ba98b4579f3d7714a8337b3 ab18857abc90c687afed39dc9012720cd7d4554d 4813d045c3f5f452715071637cfa8f31fca4e67748511345d93108b4fa4089b7 HTTP Headers GET /nidp/images/vcc/img/bg-bottom-square.png HTTP/1.1 Host: login.global.volvocars.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.global.volvocars.biz/nidp/images/vcc/src/signin.css Cookie: JSESSIONID=C9A939DE5157774BBAD7616CDE2C7638; UrnNovellNidpClusterMemberId=~03~02fca~1C~14~16lpy Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 X-FRAME-OPTIONS: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Accept-Ranges: bytes ETag: W/"924-1613733792000" Last-Modified: Fri, 19 Feb 2021 11:23:12 GMT Content-Type: image/png Content-Length: 924 Date: Thu, 26 Jan 2023 11:47:14 GMT Keep-Alive: timeout=60 Connection: keep-alive`

	login.global.volvocars.biz/nidp/images/vcc/src/VolvoBroad.woff	20.54.186.168	404	120 B
URL HTTP/1.1 login.global.volvocars.biz/nidp/images/vcc/src/VolvoBroad.woff IP 20.54.186.168:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 120 B (120 bytes) Hash b604ee5ee984fc73fffac0c8ed6ad379 3e30a7a6e9a9d03e3e95e074c468fccfeeb1a3b2 67037b80c615b13fefdbd77e334aa36111cfa60d80fb4e387358fd589b686eec HTTP Headers GET /nidp/images/vcc/src/VolvoBroad.woff HTTP/1.1 Host: login.global.volvocars.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://login.global.volvocars.biz/nidp/images/vcc/src/signin.css Cookie: JSESSIONID=C9A939DE5157774BBAD7616CDE2C7638; UrnNovellNidpClusterMemberId=~03~02fca~1C~14~16lpy Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin `HTTP/1.1 404 X-FRAME-OPTIONS: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Type: text/html Content-Length: 120 Date: Thu, 26 Jan 2023 11:47:14 GMT Keep-Alive: timeout=60 Connection: keep-alive`

	login.global.volvocars.biz/nidp/images/vcc/src/VolvoNovumMedium.ttf	20.54.186.168	200	165 kB
URL HTTP/1.1 login.global.volvocars.biz/nidp/images/vcc/src/VolvoNovumMedium.ttf IP 20.54.186.168:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 41 names, Macintosh, Volvo Novum is created exclusively for Volvo Trademark Holding Aktiebolag. Copyright 2019 Volvo \012- data Size 165 kB (165144 bytes) Hash f78adb91582f2a9e4c220b7f3c733adb a0af9d6765c40f22b3ea0549b25d311a104f346f 6ad90746409ba6979e3479f162fa83c2813ccdab36dcfd5b09d3014ab871990c HTTP Headers GET /nidp/images/vcc/src/VolvoNovumMedium.ttf HTTP/1.1 Host: login.global.volvocars.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.global.volvocars.biz/nidp/images/vcc/src/signin.css Cookie: JSESSIONID=C9A939DE5157774BBAD7616CDE2C7638; UrnNovellNidpClusterMemberId=~03~02fca~1C~14~16lpy Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 X-FRAME-OPTIONS: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Accept-Ranges: bytes ETag: W/"165144-1646986771000" Last-Modified: Fri, 11 Mar 2022 08:19:31 GMT Content-Length: 165144 Date: Thu, 26 Jan 2023 11:47:14 GMT Keep-Alive: timeout=60 Connection: keep-alive`

	login.global.volvocars.biz/nidp/images/vcc/src/EV_volvo.jpg	20.54.186.168	200	196 kB
URL HTTP/1.1 login.global.volvocars.biz/nidp/images/vcc/src/EV_volvo.jpg IP 20.54.186.168:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 1800x1258, components 3\012- data Size 196 kB (195466 bytes) Hash 548ad3d5b8b7c8d3d8479daaf182b32b 32a562edda0f109d7ba537db1c798bdfdeca1683 c6e605cee7adfa9ec2111f1b3ef9610e2b680907965c379bed8f989df0f088ee HTTP Headers GET /nidp/images/vcc/src/EV_volvo.jpg HTTP/1.1 Host: login.global.volvocars.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.global.volvocars.biz/nidp/app/login?id=vcc-connect&sid=0&option=credential&sid=0 Cookie: JSESSIONID=C9A939DE5157774BBAD7616CDE2C7638; UrnNovellNidpClusterMemberId=~03~02fca~1C~14~16lpy Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 X-FRAME-OPTIONS: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Accept-Ranges: bytes ETag: W/"195466-1646986771000" Last-Modified: Fri, 11 Mar 2022 08:19:31 GMT Content-Type: image/jpeg Content-Length: 195466 Date: Thu, 26 Jan 2023 11:47:14 GMT Keep-Alive: timeout=60 Connection: keep-alive`

	login.global.volvocars.biz/nidp/images/vcc/favicon.ico	20.54.186.168	403	677 B
URL HTTP/1.1 login.global.volvocars.biz/nidp/images/vcc/favicon.ico IP 20.54.186.168:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (673), with no line terminators Size 677 B (677 bytes) Hash acac29ca0a1d8037e66198f117079011 c09817e4075249110046acd4bda0afe50c796c1e 3604f7409aa8c1890e3e2ac1677204031a340985aa1ad9687f2553021e56751c HTTP Headers GET /nidp/images/vcc/favicon.ico HTTP/1.1 Host: login.global.volvocars.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.global.volvocars.biz/nidp/app/login?id=vcc-connect&sid=0&option=credential&sid=0 Cookie: JSESSIONID=C9A939DE5157774BBAD7616CDE2C7638; UrnNovellNidpClusterMemberId=~03~02fca~1C~14~16lpy Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 403 X-FRAME-OPTIONS: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Type: text/html;charset=utf-8 Content-Language: en Content-Length: 677 Date: Thu, 26 Jan 2023 11:47:16 GMT Keep-Alive: timeout=60 Connection: keep-alive`

	push.services.mozilla.com/	54.189.85.130	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.189.85.130:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: D+1mGHoBor6kxiTj1OYV7Q== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 9C+JdwP9nKutWda8kfoCSst/U9Q=`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash bd56ce22720c6e6072efdabae64669fd 29194390d12177fe0d88e1bd2fb4436509366a1c c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404" Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6528 Expires: Thu, 26 Jan 2023 13:36:05 GMT Date: Thu, 26 Jan 2023 11:47:17 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash bd56ce22720c6e6072efdabae64669fd 29194390d12177fe0d88e1bd2fb4436509366a1c c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404" Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6528 Expires: Thu, 26 Jan 2023 13:36:05 GMT Date: Thu, 26 Jan 2023 11:47:17 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash bd56ce22720c6e6072efdabae64669fd 29194390d12177fe0d88e1bd2fb4436509366a1c c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404" Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6528 Expires: Thu, 26 Jan 2023 13:36:05 GMT Date: Thu, 26 Jan 2023 11:47:17 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg	34.120.237.76	200 OK	3.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.4 kB (3411 bytes) Hash 805711aaab303931f8966bbf73aeda52 2bd02a45c8b407e36a41a482b121ea3e14f7c722 66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3411 x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e-EyCEzrIAMFb8A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0 x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 3Ke5d5WguVrF_Phnhu9ojzN5Md0VkYnFfxKNoh5HHrmHwPI90IAIdA== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google date: Thu, 26 Jan 2023 03:41:17 GMT etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722" content-type: image/jpeg age: 29160 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3177e0c-fa06-470b-bb9e-800d246a5096.jpeg	34.120.237.76	200 OK	8.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3177e0c-fa06-470b-bb9e-800d246a5096.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.6 kB (8648 bytes) Hash 4e013ee2e3a5287de55de4c2437a279d f2b0a5738ec9e3b178b2bf5513de3e604b86eadf f174d5678154412cdbf71f93c345d28cfb8bad7c190fa31dd78e9314c510f7ca HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3177e0c-fa06-470b-bb9e-800d246a5096.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8648 x-amzn-requestid: 19beb9c1-4e85-47ba-9275-7fb5d25f055f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fUYMlENLoAMFhIg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d1a0b6-016533de5b42b3a573a66c78;Sampled=0 x-amzn-remapped-date: Wed, 25 Jan 2023 21:35:50 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: jkExt4JNW6KtzDm8mDdb-AvXWXeyZr14XifDN_XVzKiwFAru_1HcSA== via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google date: Wed, 25 Jan 2023 21:55:21 GMT age: 49916 etag: "f2b0a5738ec9e3b178b2bf5513de3e604b86eadf" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg	34.120.237.76	200 OK	5.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.9 kB (5943 bytes) Hash ba0a42dadf6a976df148f652e9cc1844 4d825b74865effa4a858ddcad1d0969671facc07 7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5943 x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fUXxNF2UIAMFlYw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0 x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: VATQ0SjZfM_btXwR4M5keLmd-EE6717EHEiXrF2zpHNrli93EhN6Rw== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google date: Wed, 25 Jan 2023 21:48:42 GMT age: 50315 etag: "4d825b74865effa4a858ddcad1d0969671facc07" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg	34.120.237.76	200 OK	8.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.8 kB (8822 bytes) Hash 13cd008fb3e2739ec7caadadbd427655 c4802b06b87ab97f3ccd80d1c9bbdb4fab9886c1 a300a4fde1863c8b806d0557d9f0adaed19e1c612989d7e3f79a7bb45e6e74dd HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8822 x-amzn-requestid: e16ae781-25f3-4b7d-b62b-85b35d6571c6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fUYRwF2KIAMFjDA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d1a0d7-377f24bd18dea32564b148bd;Sampled=0 x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:23 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: n2ULSpeRMRZ9CDjmrwd56ti_gPYh9ApC521naXURI2Bh1eiKwjyHZw== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google date: Wed, 25 Jan 2023 21:51:26 GMT age: 50151 etag: "c4802b06b87ab97f3ccd80d1c9bbdb4fab9886c1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10379 bytes) Hash 653bf5a34e9f99c9eef73a21d98d792f c70d46aa2210c4f7c397fa20e1225b7d0734ac35 9f928ec6f194340e5543a4bf757aac31d545def67a56ae804a2039a3effd3fe0 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10379 x-amzn-requestid: 419e5a80-cb6d-4904-9545-a0f815149701 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fUYMREwmIAMFhQQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d1a0b4-64c49f7d49687d9e5324ec64;Sampled=0 x-amzn-remapped-date: Wed, 25 Jan 2023 21:35:48 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: rZHSgPIPZyea2griEvL-3semlrUDichGSL8Rin4YeYKN909f9e0lyQ== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google date: Wed, 25 Jan 2023 21:41:09 GMT age: 50768 etag: "c70d46aa2210c4f7c397fa20e1225b7d0734ac35" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg	34.120.237.76	200 OK	9.3 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.3 kB (9285 bytes) Hash 17e1b6f3caa98b0e0972802408dd3f93 07e48bf3565e00d093d72dd4ada606f5d39a4838 7094ef64e04573bea7a81bbcc8ab59d721c5ef433e3fa9203e5861040ced549c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9285 x-amzn-requestid: 526bd945-31d8-490e-af9d-5e6fc6ea3561 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fUYT2HzvoAMFYYA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d1a0e5-6812fe4354bbdac4472e7e81;Sampled=0 x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:37 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: QEH9CmjfV8QZFNxFz_tEk06i_ELUSNC2QjdTF4K3xc3vS651BZ3NlQ== via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google date: Wed, 25 Jan 2023 21:52:28 GMT age: 50089 etag: "07e48bf3565e00d093d72dd4ada606f5d39a4838" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (34)

URL HTTP/1.0

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type