dyuwomeusn.com/Overwrite/en/login.php
200 OK 11 kB URL HTTP/1.1 dyuwomeusn.com/Overwrite/en/login.php
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1157), with CRLF line terminators
Hash 12e1bcc0294a15ee60ac0f66b5c6fad3
f76d5da3769bbc1ff3378a22715a21217e0d8938
174c57c805510c0ea3fdb625ac7380fb5a15fb23a9113c43633cab64e794abcd
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
openphish Netflix Inc.
phishtank Other
fortinet Phishing
GET /Overwrite/en/login.php HTTP/1.1
Host: dyuwomeusn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 18:35:13 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=30484c5dc4be9d9413f37b3c09204b21; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16803ffa29e10ee999c43eb4e4acfe92
a5ede865a388fa440f20994b43c417d403e9a493
08de8f6abb622e84d2cb6e88dee8fc7c408147ac43da9c24d4cde510ed36b53a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08DE8F6ABB622E84D2CB6E88DEE8FC7C408147AC43DA9C24D4CDE510ED36B53A"
Last-Modified: Mon, 02 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2273
Expires: Mon, 02 Jan 2023 19:13:06 GMT
Date: Mon, 02 Jan 2023 18:35:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 97a9e292b1e09ac6fb7c784fe38d0065
6c2093595d87dd4429345da43d264b7321d50f38
f4de30ea042e3ed7f7d2f738e00120d13f301649744abeebb7dd0aef6c19188d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4DE30EA042E3ED7F7D2F738E00120D13F301649744ABEEBB7DD0AEF6C19188D"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4910
Expires: Mon, 02 Jan 2023 19:57:03 GMT
Date: Mon, 02 Jan 2023 18:35:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b0a4b7e28ad3a91135d52c7457790b5
075f22ab45d169766252467ae44903250e480f9b
312744aeb6fcc4296025205bc70c40316dd3c8a4b626669ac43e32c33104473a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "312744AEB6FCC4296025205BC70C40316DD3C8A4B626669AC43E32C33104473A"
Last-Modified: Sat, 31 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6966
Expires: Mon, 02 Jan 2023 20:31:20 GMT
Date: Mon, 02 Jan 2023 18:35:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 02 Jan 2023 17:47:28 GMT
content-type: application/json
age: 2866
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KKUzOnP21b7av3KBXoco35c1cZ2A2b+RxRen+aaX3nM2sEx8UV6+aHGPqp/faGLrV/FSa1Vnr5c=
x-amz-request-id: W1KDNX4C4JRY78ZR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 02 Jan 2023 17:58:22 GMT
age: 2212
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jan 2023 18:35:14 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dyuwomeusn.com/Overwrite/en/style/css/stylef.css
200 OK 7.8 kB URL HTTP/1.1 dyuwomeusn.com/Overwrite/en/style/css/stylef.css
IP
File type ASCII text, with very long lines (3786), with CRLF line terminators
Hash 7fbdf936b3a0dfe5d689966bfd047bbf
e50e67c7f7f6498a3d8c57d85b7e1d4365c63a09
9c5da9364f95ebb0c61fa03589a4cbc10bc091c62295fad5e8e92f24625e543b
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
GET /Overwrite/en/style/css/stylef.css HTTP/1.1
Host: dyuwomeusn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dyuwomeusn.com/Overwrite/en/login.php
Cookie: PHPSESSID=30484c5dc4be9d9413f37b3c09204b21
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 18:35:14 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 21:39:46 GMT
Accept-Ranges: bytes
Content-Length: 7836
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
dyuwomeusn.com/Overwrite/en/style/js/style.js
200 OK 2.2 kB URL HTTP/1.1 dyuwomeusn.com/Overwrite/en/style/js/style.js
IP
File type ASCII text, with CRLF line terminators
Hash 898f19a99389c21b45afaa5cbc50ebbe
6dd2957947201f36f3a50cad3bda18874d2508d7
f050012b033cb391112b37757113c73ff09884815ff73ce45592ee309ce87b3f
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
fortinet Phishing
GET /Overwrite/en/style/js/style.js HTTP/1.1
Host: dyuwomeusn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dyuwomeusn.com/Overwrite/en/login.php
Cookie: PHPSESSID=30484c5dc4be9d9413f37b3c09204b21
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 18:35:14 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 21:39:46 GMT
Accept-Ranges: bytes
Content-Length: 2239
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
dyuwomeusn.com/Overwrite/en/style/js/jquery.mask.js
200 OK 18 kB URL HTTP/1.1 dyuwomeusn.com/Overwrite/en/style/js/jquery.mask.js
IP
Hash 219d169a80568884a3d6baab3e5e7def
61d00104de8c972c820cd9b527d8e2edb30e5c4a
cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
fortinet Phishing
GET /Overwrite/en/style/js/jquery.mask.js HTTP/1.1
Host: dyuwomeusn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dyuwomeusn.com/Overwrite/en/login.php
Cookie: PHPSESSID=30484c5dc4be9d9413f37b3c09204b21
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 18:35:14 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 21:39:46 GMT
Accept-Ranges: bytes
Content-Length: 18430
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
dyuwomeusn.com/Overwrite/en/style/js/angular.min.js
200 OK 167 kB URL HTTP/1.1 dyuwomeusn.com/Overwrite/en/style/js/angular.min.js
IP
File type ASCII text, with very long lines (566)
Size 167 kB (167131 bytes)
Hash be6af23e2a716c006da75d0291784254
9c923313eabc56d715a7c07bf855feb26a72f671
8c50aa8567731858e81bcfd2027718d9a7c8fd7bf54cf496499adbf5da5741b9
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
fortinet Phishing
GET /Overwrite/en/style/js/angular.min.js HTTP/1.1
Host: dyuwomeusn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dyuwomeusn.com/Overwrite/en/login.php
Cookie: PHPSESSID=30484c5dc4be9d9413f37b3c09204b21
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 18:35:14 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 21:39:46 GMT
Accept-Ranges: bytes
Content-Length: 167131
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
dyuwomeusn.com/Overwrite/en/style/js/jquery.validate.min.js
200 OK 50 kB URL HTTP/1.1 dyuwomeusn.com/Overwrite/en/style/js/jquery.validate.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (511), with CRLF line terminators
Hash d5629cbf42e106909b5113e08df03ce1
d3094a0e83e7189eefc2ac0af6299b27db141eae
4722cc6e6ae20ebfa5b2101b4424df64b9db793fc22061f4b3ddcdc5bf6a4c63
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
fortinet Phishing
GET /Overwrite/en/style/js/jquery.validate.min.js HTTP/1.1
Host: dyuwomeusn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dyuwomeusn.com/Overwrite/en/login.php
Cookie: PHPSESSID=30484c5dc4be9d9413f37b3c09204b21
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 18:35:14 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 21:39:46 GMT
Accept-Ranges: bytes
Content-Length: 50170
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 02 Jan 2023 18:33:35 GMT
age: 99
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
dyuwomeusn.com/Overwrite/en/style/css/nonechaditk.css
200 OK 126 kB URL HTTP/1.1 dyuwomeusn.com/Overwrite/en/style/css/nonechaditk.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 126 kB (125987 bytes)
Hash 7d3d35b429405a36ecbce5c88966d875
651d66bd4a49be818640b0138cb03dcfef9dddc0
a7aaba567a989c0a456f9ff8934a87c98877d4396c27aaa0e29b2bf3e62bba70
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
GET /Overwrite/en/style/css/nonechaditk.css HTTP/1.1
Host: dyuwomeusn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dyuwomeusn.com/Overwrite/en/login.php
Cookie: PHPSESSID=30484c5dc4be9d9413f37b3c09204b21
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 18:35:14 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 21:39:46 GMT
Accept-Ranges: bytes
Content-Length: 125987
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
dyuwomeusn.com/Overwrite/en/style/js/jquery.min.js
200 OK 293 kB URL HTTP/1.1 dyuwomeusn.com/Overwrite/en/style/js/jquery.min.js
IP
File type ASCII text, with CRLF line terminators
Size 293 kB (293072 bytes)
Hash 796b7948cbe79d3498e76e395bff5a2b
e620c80f65fbcb252e91f12c8d7d36d3dc5b57e4
692d421d5c163409a5918e802f507abbaa6bec90baa454c5252977a5b3b7ff0d
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
fortinet Phishing
GET /Overwrite/en/style/js/jquery.min.js HTTP/1.1
Host: dyuwomeusn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dyuwomeusn.com/Overwrite/en/login.php
Cookie: PHPSESSID=30484c5dc4be9d9413f37b3c09204b21
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 18:35:14 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 21:39:46 GMT
Accept-Ranges: bytes
Content-Length: 293072
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
200 OK 471 B IP
Hash 949e1488247f88de92a236c833157150
742a3f40ac2806fda515365bfb8683aa66b8f7b0
7d7cecfbae5143277933d1e1abdb6f5295b595edfe2fc83068a8a3eca8d797bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4887
Cache-Control: max-age=143591
Content-Type: application/ocsp-response
Date: Mon, 02 Jan 2023 18:35:14 GMT
Etag: "63b29eb2-1d7"
Expires: Wed, 04 Jan 2023 10:28:25 GMT
Last-Modified: Mon, 02 Jan 2023 09:06:58 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
dyuwomeusn.com/Overwrite/en/style/css/FB-f-Logo__blue_57.png
200 OK 1.5 kB URL HTTP/1.1 dyuwomeusn.com/Overwrite/en/style/css/FB-f-Logo__blue_57.png
IP
File type PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash a33ca47ef110b6e3ec5086b8776407d3
dff5bbbe61b4920a23fb21a7fca69ca9e94dcb6c
3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
GET /Overwrite/en/style/css/FB-f-Logo__blue_57.png HTTP/1.1
Host: dyuwomeusn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dyuwomeusn.com/Overwrite/en/login.php
Cookie: PHPSESSID=30484c5dc4be9d9413f37b3c09204b21
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 18:35:14 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 21:39:46 GMT
Accept-Ranges: bytes
Content-Length: 1455
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
dyuwomeusn.com/Overwrite/en/style/css/alpha_website_small.jpg
200 OK 116 kB URL HTTP/1.1 dyuwomeusn.com/Overwrite/en/style/css/alpha_website_small.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1125, components 3\012- data
Size 116 kB (115912 bytes)
Hash 330f71efaf9464edb933d1d635e27dd6
3d11a19729f6fcd344df1c38f34eccfa60a6bf2d
3e379956c11b27e761265f7d50f07f680407c9bfe4b067856b9408755ec08255
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
GET /Overwrite/en/style/css/alpha_website_small.jpg HTTP/1.1
Host: dyuwomeusn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dyuwomeusn.com/Overwrite/en/login.php
Cookie: PHPSESSID=30484c5dc4be9d9413f37b3c09204b21
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 18:35:14 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 21:39:46 GMT
Accept-Ranges: bytes
Content-Length: 115912
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
dyuwomeusn.com/Overwrite/en/style/css/site-spinner-240-light.png
200 OK 5.1 kB URL HTTP/1.1 dyuwomeusn.com/Overwrite/en/style/css/site-spinner-240-light.png
IP
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash 93ebf9e3bb5fde6c9456ca28711bfbba
006bef52015403d071a73fb6f04bd2dd98f82ebb
5a7ed665f614fe2c62e79a477715dd18c8afae67f7c580bc049e013feb2864b7
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
GET /Overwrite/en/style/css/site-spinner-240-light.png HTTP/1.1
Host: dyuwomeusn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dyuwomeusn.com/Overwrite/en/style/css/nonechaditk.css
Cookie: PHPSESSID=30484c5dc4be9d9413f37b3c09204b21
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 18:35:14 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 21:39:46 GMT
Accept-Ranges: bytes
Content-Length: 5095
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PJpGYQdf0fyHNJPw2+MKAw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +ki7LYB+jSKuytFSgHn7W00al+w=
dyuwomeusn.com/Overwrite/en/style/css/nficon2016.png
200 OK 1.8 kB URL HTTP/1.1 dyuwomeusn.com/Overwrite/en/style/css/nficon2016.png
IP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 3d194514babc5d7d010308a0f808ca51
867e51e9b4a474c19da52d6454076c007a9d01f2
7341f7b8b0ae3c0da4aea559efc31f0b53d9db9dd291664fdcf7d618fd95ed8a
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
GET /Overwrite/en/style/css/nficon2016.png HTTP/1.1
Host: dyuwomeusn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dyuwomeusn.com/Overwrite/en/login.php
Cookie: PHPSESSID=30484c5dc4be9d9413f37b3c09204b21
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 18:35:15 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 21:39:46 GMT
Accept-Ranges: bytes
Content-Length: 1755
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
dyuwomeusn.com/Overwrite/en/style/css/nficon2016.ico
200 OK 17 kB URL HTTP/1.1 dyuwomeusn.com/Overwrite/en/style/css/nficon2016.ico
IP
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash 41b45fdce09bd6acd07c7a8949da675e
931e18dfc6e7d950dc2f2bbdfe31e1ea720acf7c
abe8012eb65c0dc0ac3e87dcc1e60e1908ebd8f12b7c47a5df1856f7a7bb1edd
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
fortinet Phishing
GET /Overwrite/en/style/css/nficon2016.ico HTTP/1.1
Host: dyuwomeusn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dyuwomeusn.com/Overwrite/en/login.php
Cookie: PHPSESSID=30484c5dc4be9d9413f37b3c09204b21
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 18:35:15 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 21:39:46 GMT
Accept-Ranges: bytes
Content-Length: 16958
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/x-icon
dyuwomeusn.com/Overwrite/en/style/css/nf-icon-v1-93.woff
200 OK 74 kB URL HTTP/1.1 dyuwomeusn.com/Overwrite/en/style/css/nf-icon-v1-93.woff
IP
File type Web Open Font Format, CFF, length 73572, version 0.0\012- data
Hash 7cf6156cc481244b5a254362d7b73f00
4391003d1cb06d2bd1921a5813a57604fa7d9935
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
fortinet Phishing
GET /Overwrite/en/style/css/nf-icon-v1-93.woff HTTP/1.1
Host: dyuwomeusn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://dyuwomeusn.com/Overwrite/en/style/css/nonechaditk.css
Cookie: PHPSESSID=30484c5dc4be9d9413f37b3c09204b21
HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 18:35:14 GMT
Server: Apache
Last-Modified: Fri, 19 Nov 2021 21:39:46 GMT
Accept-Ranges: bytes
Content-Length: 73572
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 06df5289bf33faf0b87af8ed2b337be4
0006bf96bfe53c68f3c414e3507f8a8ce9698d0a
f42cf618d71efffa435090795cd04205693063a17f8e44854845a2515aab0fdd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F42CF618D71EFFFA435090795CD04205693063A17F8E44854845A2515AAB0FDD"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2686
Expires: Mon, 02 Jan 2023 19:20:02 GMT
Date: Mon, 02 Jan 2023 18:35:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 06df5289bf33faf0b87af8ed2b337be4
0006bf96bfe53c68f3c414e3507f8a8ce9698d0a
f42cf618d71efffa435090795cd04205693063a17f8e44854845a2515aab0fdd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F42CF618D71EFFFA435090795CD04205693063A17F8E44854845A2515AAB0FDD"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2686
Expires: Mon, 02 Jan 2023 19:20:02 GMT
Date: Mon, 02 Jan 2023 18:35:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 06df5289bf33faf0b87af8ed2b337be4
0006bf96bfe53c68f3c414e3507f8a8ce9698d0a
f42cf618d71efffa435090795cd04205693063a17f8e44854845a2515aab0fdd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F42CF618D71EFFFA435090795CD04205693063A17F8E44854845A2515AAB0FDD"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2686
Expires: Mon, 02 Jan 2023 19:20:02 GMT
Date: Mon, 02 Jan 2023 18:35:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 06df5289bf33faf0b87af8ed2b337be4
0006bf96bfe53c68f3c414e3507f8a8ce9698d0a
f42cf618d71efffa435090795cd04205693063a17f8e44854845a2515aab0fdd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F42CF618D71EFFFA435090795CD04205693063A17F8E44854845A2515AAB0FDD"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2686
Expires: Mon, 02 Jan 2023 19:20:02 GMT
Date: Mon, 02 Jan 2023 18:35:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b277398-f4fa-4af1-a6f3-47dc5a33ccf3.jpeg
200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b277398-f4fa-4af1-a6f3-47dc5a33ccf3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0452f1ad1a7813d06adf22e178c5284
615a0072aa450329f48fbf30c921cdb6670b249a
72b733f965c7438896bcd95aac4c9bb10a83a2c35f1c459be488b6751dc1b311
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b277398-f4fa-4af1-a6f3-47dc5a33ccf3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6459
x-amzn-requestid: b972726f-8a3e-4078-a11d-ea03474aed50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7a2EGwJIAMFvSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae0b59-183339ab019f2cbe168c8744;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:49:13 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: y59ckb1uCbY_b7u8lk9CGep3RI12eiJyikcmfRXvoss6jRT3CbsLFQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 22:21:26 GMT
age: 72830
etag: "615a0072aa450329f48fbf30c921cdb6670b249a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa20aba0-739b-4b21-8651-376503398453.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa20aba0-739b-4b21-8651-376503398453.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2eac6cb10f73a9133b10b29991d36d28
50dbba1b337a139007815016c1e1d91309a3ac0e
8f8783c086623f20451d3e5321e2ca2ca64d559370e94b0c2aeb8dfe3c95207d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa20aba0-739b-4b21-8651-376503398453.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5150
x-amzn-requestid: ebece8b2-8256-42b6-8ae3-3654d2b7b319
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d6ZBEFUZoAMF2OQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ada206-10bdc2ae5ee1d4494ebcdaad;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 14:19:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: M-erf0gwboJTnX5LWgKYpEjsq5bHuAShdResjK97rTMV1bQNDUof6w==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 02 Jan 2023 07:41:12 GMT
age: 39244
etag: "50dbba1b337a139007815016c1e1d91309a3ac0e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fb1a6c7-1739-4b4c-ae46-a2d718fb6c34.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fb1a6c7-1739-4b4c-ae46-a2d718fb6c34.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e628ac1e25757ac0177f4a392d6b7ddb
d457e65190f24dce30af852e07b2d55f1fe5d808
b51790825ceb10ba7d5ec69081c098b7c82e72e4128dc1c23fa4f45495fbfa65
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fb1a6c7-1739-4b4c-ae46-a2d718fb6c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5684
x-amzn-requestid: a8295357-6fcf-436d-8884-cbc529f3cba4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxSEVGMcIAMFdXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a9fd4e-3067d9957e1e512174ab34bc;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 20:00:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XU-AgqVtSS4DT7lnUIav920Fg5fSbvOYZ_EFXNedq9TLrt2clB7TUQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 22:12:08 GMT
age: 73388
etag: "d457e65190f24dce30af852e07b2d55f1fe5d808"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6390ab-134c-4c14-ae9e-9591400607a3.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6390ab-134c-4c14-ae9e-9591400607a3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a92938ba6a58bd49a9938a24e404cba
2adeb5279f5a130a4ddc05199bc7b0b197a3cabc
1779831cec3a72aa82e2dab789c043da6a7fa432ff75a644733b0ee5f81b965b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6390ab-134c-4c14-ae9e-9591400607a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10426
x-amzn-requestid: b6ad4eac-168a-477b-9883-f77fffc6468f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d5ZfRG7XIAMF7zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ad3c61-7766d0293ca12d6e2436ac66;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 07:06:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fbLIBt1nYKjHIB6qMh22u5A92HgG0_f84qqlf5rqpwl4brcU5UB8eQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 02 Jan 2023 12:48:40 GMT
age: 20796
etag: "2adeb5279f5a130a4ddc05199bc7b0b197a3cabc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb9e048a-d832-4c9c-bbf4-523cf2df949e.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb9e048a-d832-4c9c-bbf4-523cf2df949e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 63e10036442be6087f22f671351bfcf4
d23fda523cd1581a497c1e8d93b6a3a65bbbd05d
bd17928141e8ba15eaf14f140f9cc6648502da10bef74dab32e1790f68d150d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb9e048a-d832-4c9c-bbf4-523cf2df949e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10904
x-amzn-requestid: e672bb95-0521-41e2-b44d-18d108768f0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFRyVGO0IAMFfsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b1fcdb-2e2b0c1e73840de93343ce08;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 21:36:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jFQMuTFlyJiHJmuLONMfpIurk7XCM02NfcPvqsFaybqOjbrdvphLOw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 21:58:50 GMT
age: 74186
etag: "d23fda523cd1581a497c1e8d93b6a3a65bbbd05d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3f5efb8-d662-4b58-9319-e024ddd04331.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3f5efb8-d662-4b58-9319-e024ddd04331.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f863eb68713f937898561731454ef32e
b0ca943b8ca57da9cf2c69384e5c598bdfb48d33
4af7b5228d39d0e47a159422483fa6ccf683920241a50e4c6348d176a2783a6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3f5efb8-d662-4b58-9319-e024ddd04331.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7755
x-amzn-requestid: 8a52ee34-c50c-4a05-9fa3-17770c3d61ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFSNAFbJoAMFu8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b1fd86-09de8074042bc69045896070;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 21:39:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AwE7pLbWK6Q22wWyQjk_c2sRMBrSsV-SiZoyNdGKqYc5QTafBfuJsA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 21:58:11 GMT
age: 74225
etag: "b0ca943b8ca57da9cf2c69384e5c598bdfb48d33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfe4faa-0902-4048-9fa3-ee90f050c3e6.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfe4faa-0902-4048-9fa3-ee90f050c3e6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 637fa2e4a9d13d27b853f79963fcaf66
864eb6eedab1c17c5d36458b6ed318ece61d62d9
34cee03b8390cfdff3a51509c494464c3db241508e152df54d922485392c029f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfe4faa-0902-4048-9fa3-ee90f050c3e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9553
x-amzn-requestid: 872aef94-65be-4b4e-b904-fb6be8d7ba80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFRxiHnXoAMFzyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b1fcd6-681bbf9b4c10237842ac5e6e;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 21:36:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fs0gFGup81X3pc17a7iwWcVc_uQTSNKn_tjCTGaubAVsw4KQue9vfQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 21:53:02 GMT
age: 74541
etag: "864eb6eedab1c17c5d36458b6ed318ece61d62d9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
93.184.220.29
52.42.185.162
95.101.11.115