firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 10 Sep 2022 12:06:36 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vNjOKz4L8h7UyVrQLAWW8IJNoR-K7C31vykl1cUK9Wap5_pmNxWNAA==
Age: 2970
ec2-3-18-103-154.us-east-2.compute.amazonaws.com/
302 Found 0 B URL HTTP/1.1 ec2-3-18-103-154.us-east-2.compute.amazonaws.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ec2-3-18-103-154.us-east-2.compute.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 10 Sep 2022 12:56:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Set-Cookie: PHPSESSID=hu46aemv1f8124o23g8ifm37oq; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: http://ec2-3-18-103-154.us-east-2.compute.amazonaws.com/site/login
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2284
Expires: Sat, 10 Sep 2022 13:34:10 GMT
Date: Sat, 10 Sep 2022 12:56:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QnMt22HiL4zd-yrz9J5JZBW0raNu2DJFpwWI2UDTzJT2R1yTUqmVCA==
age: 20334
X-Firefox-Spdy: h2
ec2-3-18-103-154.us-east-2.compute.amazonaws.com/site/login
200 OK 1.5 kB URL HTTP/1.1 ec2-3-18-103-154.us-east-2.compute.amazonaws.com/site/login
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (647)
Hash e5d07f290f3b499bb72fb4dbc1253337
73691ea47529977ae49ebed3e7b096ea3ef1d1ae
6fa38c4549aaf18cf5f80cdda3fd248c433ba4acbb24950c329527e2f5e00378
Analyzer Verdict Alert fortinet Malware
GET /site/login HTTP/1.1
Host: ec2-3-18-103-154.us-east-2.compute.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=hu46aemv1f8124o23g8ifm37oq
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 12:56:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: _csrf=f9590a0bd8e5ce6cc4c09f212bad9cc7f87f6d5f2be66a4956da144a06c01f9ba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Hz9DwrZ9gfpRunhT5fS2rHMBxJB7yy4p%22%3B%7D; path=/; HttpOnly; SameSite=Lax
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1525
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 12:56:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
200 OK 970 B URL HTTP/1.1 fonts.googleapis.com/css?family=Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
IP
Hash e812fb232bce8f06193e96321efcbb9e
cf299b297e75c4eba129e33e51fc9b071ec6155b
070b9eaed57e3d897955e1a601912c05619acd3ddb5c69a2a35135ba22d6fdc8
GET /css?family=Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ec2-3-18-103-154.us-east-2.compute.amazonaws.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 10 Sep 2022 12:56:06 GMT
Date: Sat, 10 Sep 2022 12:56:06 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ec2-3-18-103-154.us-east-2.compute.amazonaws.com/assets/bd2567f2/css/activeform.min.css
200 OK 1.5 kB URL HTTP/1.1 ec2-3-18-103-154.us-east-2.compute.amazonaws.com/assets/bd2567f2/css/activeform.min.css
IP
File type ASCII text, with very long lines (4862)
Hash 100429db95b3be70b30ffe473eef6dae
95f715fe8603d3b421f3327f16c523b626deb827
3d0b97c1104928d79006feba7c6f59405d7c4c452cebfda39420ef78e2559be1
GET /assets/bd2567f2/css/activeform.min.css HTTP/1.1
Host: ec2-3-18-103-154.us-east-2.compute.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ec2-3-18-103-154.us-east-2.compute.amazonaws.com/site/login
Cookie: PHPSESSID=hu46aemv1f8124o23g8ifm37oq; _csrf=f9590a0bd8e5ce6cc4c09f212bad9cc7f87f6d5f2be66a4956da144a06c01f9ba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Hz9DwrZ9gfpRunhT5fS2rHMBxJB7yy4p%22%3B%7D
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 12:56:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 14:07:39 GMT
ETag: "1435-5d0d454eab753-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1502
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ec2-3-18-103-154.us-east-2.compute.amazonaws.com/assets/4bfc391d/css/bootstrap.css
200 OK 21 kB URL HTTP/1.1 ec2-3-18-103-154.us-east-2.compute.amazonaws.com/assets/4bfc391d/css/bootstrap.css
IP
File type ASCII text, with very long lines (386)
Hash 39ad3e06a3173c16b7880ba0521421cf
11e2c09c3b9aac81b2091b5e5b9b212f7ebf5fac
5b94944555ae7f74b41956b7629c6bd090518ae6b187f4a6341d5805ccb7ca74
GET /assets/4bfc391d/css/bootstrap.css HTTP/1.1
Host: ec2-3-18-103-154.us-east-2.compute.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ec2-3-18-103-154.us-east-2.compute.amazonaws.com/site/login
Cookie: PHPSESSID=hu46aemv1f8124o23g8ifm37oq; _csrf=f9590a0bd8e5ce6cc4c09f212bad9cc7f87f6d5f2be66a4956da144a06c01f9ba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Hz9DwrZ9gfpRunhT5fS2rHMBxJB7yy4p%22%3B%7D
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 12:56:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 14:07:39 GMT
ETag: "23a0d-5d0d454eac6f3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21275
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ec2-3-18-103-154.us-east-2.compute.amazonaws.com/assets/755dd706/yii.js
200 OK 5.8 kB URL HTTP/1.1 ec2-3-18-103-154.us-east-2.compute.amazonaws.com/assets/755dd706/yii.js
IP
Hash 1610b3a3d6bee20af65f98eec8f8ffb0
0289498e6b1a5035efc57fc4e5649f0e11ab856a
62362a6a8d8211e7f7a5cc65139eea91d273d56bf59efbd4b68d45f6347783f3
Analyzer Verdict Alert fortinet Malware
GET /assets/755dd706/yii.js HTTP/1.1
Host: ec2-3-18-103-154.us-east-2.compute.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ec2-3-18-103-154.us-east-2.compute.amazonaws.com/site/login
Cookie: PHPSESSID=hu46aemv1f8124o23g8ifm37oq; _csrf=f9590a0bd8e5ce6cc4c09f212bad9cc7f87f6d5f2be66a4956da144a06c01f9ba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Hz9DwrZ9gfpRunhT5fS2rHMBxJB7yy4p%22%3B%7D
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 12:56:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 14:07:39 GMT
ETag: "51c6-5d0d454eab753-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5813
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ec2-3-18-103-154.us-east-2.compute.amazonaws.com/assets/755dd706/yii.activeForm.js
200 OK 7.4 kB URL HTTP/1.1 ec2-3-18-103-154.us-east-2.compute.amazonaws.com/assets/755dd706/yii.activeForm.js
IP
Hash 123174443bfc2eafdc43472ab63757e7
cb8bd090049328065015f0331074d61ffdb84aed
6d6ce237466167c3b694e97fdd45d86672b6cd310d5368e9590872fbe49659a0
Analyzer Verdict Alert fortinet Malware
GET /assets/755dd706/yii.activeForm.js HTTP/1.1
Host: ec2-3-18-103-154.us-east-2.compute.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ec2-3-18-103-154.us-east-2.compute.amazonaws.com/site/login
Cookie: PHPSESSID=hu46aemv1f8124o23g8ifm37oq; _csrf=f9590a0bd8e5ce6cc4c09f212bad9cc7f87f6d5f2be66a4956da144a06c01f9ba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Hz9DwrZ9gfpRunhT5fS2rHMBxJB7yy4p%22%3B%7D
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 12:56:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 14:07:39 GMT
ETag: "8f9d-5d0d454eab753-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7428
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ec2-3-18-103-154.us-east-2.compute.amazonaws.com/assets/bd2567f2/js/activeform.min.js
200 OK 1.4 kB URL HTTP/1.1 ec2-3-18-103-154.us-east-2.compute.amazonaws.com/assets/bd2567f2/js/activeform.min.js
IP
File type ASCII text, with very long lines (2914)
Hash 7da78cf62a86a72d5fd04e08ba0f926e
c3e8dd03806e69ecf3170a59e4f759d02f31cbea
fe3c9168a4b0af088ed1c9cf732eb4a72081f2fe6f44da7f3e04bb7c098b929c
Analyzer Verdict Alert fortinet Malware
GET /assets/bd2567f2/js/activeform.min.js HTTP/1.1
Host: ec2-3-18-103-154.us-east-2.compute.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ec2-3-18-103-154.us-east-2.compute.amazonaws.com/site/login
Cookie: PHPSESSID=hu46aemv1f8124o23g8ifm37oq; _csrf=f9590a0bd8e5ce6cc4c09f212bad9cc7f87f6d5f2be66a4956da144a06c01f9ba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Hz9DwrZ9gfpRunhT5fS2rHMBxJB7yy4p%22%3B%7D
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 12:56:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 14:07:39 GMT
ETag: "d17-5d0d454eab753-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1398
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 10 Sep 2022 11:56:07 GMT
Cache-Control: max-age=3600
Expires: Sat, 10 Sep 2022 12:55:10 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xCyLH7gbH6o2OzESRwAqvo8ZPqMmOFmcEpj-Dl3KRylVw0rVz39h6g==
Age: 3599
ec2-3-18-103-154.us-east-2.compute.amazonaws.com/assets/755dd706/yii.validation.js
200 OK 3.1 kB URL HTTP/1.1 ec2-3-18-103-154.us-east-2.compute.amazonaws.com/assets/755dd706/yii.validation.js
IP
Hash b10d6a092de6ab0a150abd184422f8ec
75a579d0a4970b338294d7e90426bb0c749f72b9
27573a1dd26677b9cafeb9ef823e77288f3eb536c2f33da4ccb9eb9574baa785
Analyzer Verdict Alert fortinet Malware
GET /assets/755dd706/yii.validation.js HTTP/1.1
Host: ec2-3-18-103-154.us-east-2.compute.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ec2-3-18-103-154.us-east-2.compute.amazonaws.com/site/login
Cookie: PHPSESSID=hu46aemv1f8124o23g8ifm37oq; _csrf=f9590a0bd8e5ce6cc4c09f212bad9cc7f87f6d5f2be66a4956da144a06c01f9ba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Hz9DwrZ9gfpRunhT5fS2rHMBxJB7yy4p%22%3B%7D
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 12:56:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 14:07:39 GMT
ETag: "4015-5d0d454eab753-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3064
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ec2-3-18-103-154.us-east-2.compute.amazonaws.com/css/login/font-awesome.min.css
200 OK 7.1 kB URL HTTP/1.1 ec2-3-18-103-154.us-east-2.compute.amazonaws.com/css/login/font-awesome.min.css
IP
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
GET /css/login/font-awesome.min.css HTTP/1.1
Host: ec2-3-18-103-154.us-east-2.compute.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ec2-3-18-103-154.us-east-2.compute.amazonaws.com/site/login
Cookie: PHPSESSID=hu46aemv1f8124o23g8ifm37oq; _csrf=f9590a0bd8e5ce6cc4c09f212bad9cc7f87f6d5f2be66a4956da144a06c01f9ba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Hz9DwrZ9gfpRunhT5fS2rHMBxJB7yy4p%22%3B%7D
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 12:56:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 13:59:46 GMT
ETag: "7918-5d0d438ad33cd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7053
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ec2-3-18-103-154.us-east-2.compute.amazonaws.com/css/login/login.css
200 OK 2.8 kB URL HTTP/1.1 ec2-3-18-103-154.us-east-2.compute.amazonaws.com/css/login/login.css
IP
File type ASCII text, with very long lines (493)
Hash 8be6b64a127304c06ba87995fc78f177
2aa6653014515cf636076b45712bba00db61b409
eec355089b32b13f3df0d52ba6232efc091a5d3c75307cb34fa7735f5ff0dccb
GET /css/login/login.css HTTP/1.1
Host: ec2-3-18-103-154.us-east-2.compute.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ec2-3-18-103-154.us-east-2.compute.amazonaws.com/site/login
Cookie: PHPSESSID=hu46aemv1f8124o23g8ifm37oq; _csrf=f9590a0bd8e5ce6cc4c09f212bad9cc7f87f6d5f2be66a4956da144a06c01f9ba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Hz9DwrZ9gfpRunhT5fS2rHMBxJB7yy4p%22%3B%7D
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 12:56:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 13:59:46 GMT
ETag: "29b6-5d0d438ad33cd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2771
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ec2-3-18-103-154.us-east-2.compute.amazonaws.com/assets/4bfc391d/js/bootstrap.js
200 OK 16 kB URL HTTP/1.1 ec2-3-18-103-154.us-east-2.compute.amazonaws.com/assets/4bfc391d/js/bootstrap.js
IP
Hash 0fe4d5ea1884b1762593f18f685d1a14
2136a4fb9110f205de6eeaa0f244b54958fae932
7dce45e82902c0a34168683f29b2b2e8dbdd5ee57cc6a13b84590052155187cd
Analyzer Verdict Alert fortinet Malware
GET /assets/4bfc391d/js/bootstrap.js HTTP/1.1
Host: ec2-3-18-103-154.us-east-2.compute.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ec2-3-18-103-154.us-east-2.compute.amazonaws.com/site/login
Cookie: PHPSESSID=hu46aemv1f8124o23g8ifm37oq; _csrf=f9590a0bd8e5ce6cc4c09f212bad9cc7f87f6d5f2be66a4956da144a06c01f9ba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Hz9DwrZ9gfpRunhT5fS2rHMBxJB7yy4p%22%3B%7D
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 12:56:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 14:07:39 GMT
ETag: "126dc-5d0d454eac6f3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16130
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
200 OK 46 kB URL HTTP/1.1 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ec2-3-18-103-154.us-east-2.compute.amazonaws.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 46524
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 05 Sep 2022 22:36:05 GMT
Expires: Tue, 05 Sep 2023 22:36:05 GMT
Cache-Control: public, max-age=31536000
Age: 397202
Last-Modified: Mon, 18 Jul 2022 19:58:01 GMT
Content-Type: font/woff2
ec2-3-18-103-154.us-east-2.compute.amazonaws.com/assets/6f58bf7a/jquery.js
200 OK 85 kB URL HTTP/1.1 ec2-3-18-103-154.us-east-2.compute.amazonaws.com/assets/6f58bf7a/jquery.js
IP
Hash 15fe05fbeb2c26487dc2649574c9b29a
b698ead1edb1b6d657da4f429039f94809a22b74
69853174db2dd66cb4f3f4a0e41d205c826949dfa33139d83353a625221ec5d9
Analyzer Verdict Alert fortinet Malware
GET /assets/6f58bf7a/jquery.js HTTP/1.1
Host: ec2-3-18-103-154.us-east-2.compute.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ec2-3-18-103-154.us-east-2.compute.amazonaws.com/site/login
Cookie: PHPSESSID=hu46aemv1f8124o23g8ifm37oq; _csrf=f9590a0bd8e5ce6cc4c09f212bad9cc7f87f6d5f2be66a4956da144a06c01f9ba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Hz9DwrZ9gfpRunhT5fS2rHMBxJB7yy4p%22%3B%7D
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 12:56:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 14:07:39 GMT
ETag: "46744-5d0d454eac6f3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ec2-3-18-103-154.us-east-2.compute.amazonaws.com/css/login/images/tick.png
200 OK 2.9 kB URL HTTP/1.1 ec2-3-18-103-154.us-east-2.compute.amazonaws.com/css/login/images/tick.png
IP
File type PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash d8202849e2ff1fc8399b5b82696a49ee
d1775f136f00aa06a5a0f4d419e4e1e5143217aa
2364d8e0e2c405848bb725c2be8390d8d18fb739456bd50dd1cc350ba2464001
GET /css/login/images/tick.png HTTP/1.1
Host: ec2-3-18-103-154.us-east-2.compute.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ec2-3-18-103-154.us-east-2.compute.amazonaws.com/css/login/login.css
Cookie: PHPSESSID=hu46aemv1f8124o23g8ifm37oq; _csrf=f9590a0bd8e5ce6cc4c09f212bad9cc7f87f6d5f2be66a4956da144a06c01f9ba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Hz9DwrZ9gfpRunhT5fS2rHMBxJB7yy4p%22%3B%7D
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 12:56:07 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 13:59:46 GMT
ETag: "b5d-5d0d438ad33cd"
Accept-Ranges: bytes
Content-Length: 2909
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
200 OK 471 B IP
Hash 36fe04277220227ba5ecfe7d2ff1d9d9
2eb9f6560336248cc45c1cd66d87505b5ebdf5d4
94f8f2f8f3b67db18825ea48740ff0ce218d7156fe851d6b023ef43b6bee4f7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5365
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 12:56:07 GMT
Last-Modified: Sat, 10 Sep 2022 11:26:42 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ec2-3-18-103-154.us-east-2.compute.amazonaws.com/favicon.ico
200 OK 1.2 kB URL HTTP/1.1 ec2-3-18-103-154.us-east-2.compute.amazonaws.com/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 6329798aad91752c4c2c9a50549e4384
c48837e2c47ce4a5ff24f3d8771a20b22ea141b4
46d43c0b4c994c74b07c2b7bb1e44abbf11916bc8be9929b52c57974ffb882c2
GET /favicon.ico HTTP/1.1
Host: ec2-3-18-103-154.us-east-2.compute.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ec2-3-18-103-154.us-east-2.compute.amazonaws.com/site/login
Cookie: PHPSESSID=hu46aemv1f8124o23g8ifm37oq; _csrf=f9590a0bd8e5ce6cc4c09f212bad9cc7f87f6d5f2be66a4956da144a06c01f9ba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Hz9DwrZ9gfpRunhT5fS2rHMBxJB7yy4p%22%3B%7D
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 12:56:07 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 15 Nov 2021 13:59:46 GMT
ETag: "47e-5d0d438ad33cd"
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AYJl0iluJIelZ1ELsgmxyA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qTiQZgKY0Zah24J4x8NKhws5LKc=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2168
Expires: Sat, 10 Sep 2022 13:32:16 GMT
Date: Sat, 10 Sep 2022 12:56:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2168
Expires: Sat, 10 Sep 2022 13:32:16 GMT
Date: Sat, 10 Sep 2022 12:56:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2168
Expires: Sat, 10 Sep 2022 13:32:16 GMT
Date: Sat, 10 Sep 2022 12:56:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2168
Expires: Sat, 10 Sep 2022 13:32:16 GMT
Date: Sat, 10 Sep 2022 12:56:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff87d6b48-0caf-49d8-be21-3ec24e24374f.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff87d6b48-0caf-49d8-be21-3ec24e24374f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 478caf1cbdbafefa1b73c4e1a21e027c
90dd5e86857e7f6313bbb053baa8c1d4784d3089
0c845efdea74e5b1245ca00ea33a0b8220551d156ca34620e3d90ccb4de345dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff87d6b48-0caf-49d8-be21-3ec24e24374f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8706
x-amzn-requestid: 37d04670-7b5a-4cbb-ad4c-46615c604bc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjzcG2moAMF30g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb349-5351f9c15ad587ae3c807d48;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: lcckuCebVvSAYgrOAQaGKSp9Bg7RMpdpgIr_3rlRjKgn6iuIQYDHVg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:43 GMT
age: 52945
etag: "90dd5e86857e7f6313bbb053baa8c1d4784d3089"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8f11aeba65478b039cfb4100aa23435
88db17a82ea0207ccb4826c2961875c5106b427a
6f6ec5922ec54d824e7f933de87608c5a763da119ae9461d99c6525649b1a9af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: 64a58aa8-8321-4c91-98fe-dbf97996c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNiuZEjnIAMFRFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb18f-77b635593b202d7d3cd0ac84;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: VWwNSpFvcDq3nrn91QvYjrJX5hLjp96vrKgZzR-pOdrdHx7MlcagGQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:43 GMT
age: 52945
etag: "88db17a82ea0207ccb4826c2961875c5106b427a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e9b3424-a7df-4a41-82c2-4baf4813509c.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e9b3424-a7df-4a41-82c2-4baf4813509c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fcf56e65178e3bdb802a8215b48d11f0
6ca14b815e1446172a72f28f58fbbf97272a512b
42a88966c46e9670786e171700f403805f1a278aef0edfee233afb8fd5e41e46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e9b3424-a7df-4a41-82c2-4baf4813509c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11464
x-amzn-requestid: 5a4d63f8-dd44-4003-bd90-4ebcdf4517e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdbBcECroAMFrFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63087209-22f3a6a174d32fd11f863106;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:11:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hvJEdV6JLI2wSnHo_y3lhjaS0p0-tXpeedn_z3BuRuz7xfqBun_ntw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 11:04:35 GMT
age: 6693
etag: "6ca14b815e1446172a72f28f58fbbf97272a512b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfb49483-577b-4413-86f1-41eeb2d7b540.jpeg
200 OK 2.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfb49483-577b-4413-86f1-41eeb2d7b540.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e3a2c5db656aab4f88ddadd8fa742b4c
78c0d3df42ec5ae34ad62430b6c4794e03fd411e
8818edbe7edbcbc7a46b49d8820851779d4d6c18a1d5cc4fa8234b2ba355a495
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfb49483-577b-4413-86f1-41eeb2d7b540.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2524
x-amzn-requestid: 2db0d0d7-4d18-464f-8c23-f12d5448fb47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkCsE7toAMF9xA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb3aa-490eb8124b8f16fb747308fa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:44:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: spKSoFyyBJFS0Lchq49Ewa7tnd4CK3b-0a0rSlpDugQMpMkvEYIgrg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:00:01 GMT
age: 53767
etag: "78c0d3df42ec5ae34ad62430b6c4794e03fd411e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b74df88-0b3c-4495-ac87-32b567c99e82.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b74df88-0b3c-4495-ac87-32b567c99e82.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12d95a798c8334bb3bff65feb188205e
466df69c851018063e9a45205d0d8688dbcf1e1c
2481bb0562a647aa22bc56931da8eb433a008fffcad62b51912d32e52616f229
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b74df88-0b3c-4495-ac87-32b567c99e82.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6628
x-amzn-requestid: a50790d8-1534-49f7-aec4-79a21d959e16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNj5PH91oAMFZSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb36e-670f1e3f185c60ff212fde71;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:43:10 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: yDbg3M_T8LDhrtyx2X-GupahP1h0agvpQXV1FzEqBBAGmIRWeJmRQA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:57:00 GMT
age: 53948
etag: "466df69c851018063e9a45205d0d8688dbcf1e1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ade70e6dbcfb3ca1765f95112671e69
3768753be084c0e0fc268be5b192d02d769114b6
9670a3bf2476ba193cfeb3153c1254bdcfc980a28503dda0d9b398a3a59f53f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: 720a4111-91de-4672-88c8-f40db517c07d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YHsjRE13oAMFbCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63195ae1-288f1f5456bf4d146dcf774c;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 03:00:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HwwG0Hjf8uZn1AtbLU_wKs3w9lict3tRP31XQY6tIxDz9KDNaBMAqw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 04:00:05 GMT
age: 32163
etag: "3768753be084c0e0fc268be5b192d02d769114b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
3.18.103.154
93.184.220.29
23.36.77.32