urlquery - report: needlemaster.pk/iti/uldeopmvasutt

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
detectportal.firefox.com (2)	1601	2017-01-30 00:03:31 UTC	2022-10-04 04:16:52 UTC	34.107.221.82
getpocket.cdn.mozilla.net (1)	1369	2017-08-31 07:41:15 UTC	2022-10-04 04:28:31 UTC	34.120.5.221
shavar.services.mozilla.com (1)	3602	2017-01-30 05:00:58 UTC	2022-10-04 05:04:37 UTC	52.35.225.239
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-10-04 04:18:32 UTC	34.120.237.76
needlemaster.pk (1)	0	2019-08-26 10:44:26 UTC	2022-10-03 00:28:28 UTC	50.87.4.49	Unknown ranking
r3.o.lencr.org (5)	344	2020-12-02 08:52:13 UTC	2022-10-03 07:33:36 UTC	23.36.76.226
content-signature-2.cdn.mozilla.net (5)	1152	2020-11-03 12:26:46 UTC	2022-10-03 08:07:24 UTC	143.204.55.25
firefox.settings.services.mozilla.com (15)	867	2020-05-27 20:08:30 UTC	2022-10-04 00:45:50 UTC	143.204.55.115
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-10-03 09:28:24 UTC	34.117.237.239
ocsp.digicert.com (2)	86	2012-05-21 07:02:23 UTC	2022-10-04 02:06:24 UTC	93.184.220.29
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-10-03 09:28:24 UTC	34.218.168.248
firefox.settings.services.mozilla.com (15)	867	2020-05-27 20:08:30 UTC	2022-10-04 00:45:50 UTC	143.204.55.35
firefox-settings-attachments.cdn.mozilla.net (1)	11509	2019-11-30 09:32:57 UTC	2022-10-04 07:00:27 UTC	143.204.55.30

Scan Date	Severity	Indicator	Comment
2022-10-04	2	needlemaster.pk/iti/uldeopmvasutt	Malware

Scan Date	Severity	Indicator	Comment
2022-10-04	2	needlemaster.pk	Sinkholed

Scan Date	Severity	Indicator	Comment
2022-10-04	2	needlemaster.pk	Sinkholed

Date	UQ / IDS / BL	URL	IP
2022-10-10 15:59:34 +0000	0 - 0 - 8	needlemaster.pk/iti/lusoutiamns	50.87.4.49
2022-10-09 12:29:19 +0000	0 - 0 - 8	needlemaster.pk/iti/lusoutiamns	50.87.4.49
2022-10-09 12:28:21 +0000	0 - 0 - 8	needlemaster.pk/iti/uetimepssrslopla	50.87.4.49
2022-10-09 12:28:08 +0000	0 - 0 - 8	needlemaster.pk/iti/teamte	50.87.4.49
2022-10-08 07:43:23 +0000	0 - 0 - 5	needlemaster.pk/iti/lusoutiamns	50.87.4.49

Date	UQ / IDS / BL	URL	IP
2023-03-24 00:41:02 +0000	0 - 0 - 1	sec07b4.himalayahandicraftcottageindustry.com (...)	108.167.180.12
2023-03-24 00:40:59 +0000	0 - 20 - 21	sec07b4.himalayahandicraftcottageindustry.com (...)	108.167.180.12
2023-03-24 00:35:14 +0000	0 - 0 - 1	minamitours.com/netfIix/account/login.php	50.87.151.103
2023-03-24 00:23:52 +0000	12 - 24 - 25	avvjhuzz4.gq/public/wztRplxDdahb5c6xvjs7QYhOA (...)	162.241.71.69
2023-03-24 00:20:17 +0000	3 - 0 - 1	thesunshinecoastcompany.com/email/verificatio (...)	69.49.244.31

Date	UQ / IDS / BL	URL	IP
2022-10-10 15:59:34 +0000	0 - 0 - 8	needlemaster.pk/iti/lusoutiamns	50.87.4.49
2022-10-09 12:29:19 +0000	0 - 0 - 8	needlemaster.pk/iti/lusoutiamns	50.87.4.49
2022-10-09 12:28:21 +0000	0 - 0 - 8	needlemaster.pk/iti/uetimepssrslopla	50.87.4.49
2022-10-09 12:28:08 +0000	0 - 0 - 8	needlemaster.pk/iti/teamte	50.87.4.49
2022-10-08 07:43:23 +0000	0 - 0 - 5	needlemaster.pk/iti/lusoutiamns	50.87.4.49

Date	UQ / IDS / BL	URL	IP
2023-03-24 00:40:38 +0000	0 - 2 - 0	flashcheck.cc/flashcheck1.1.1.zip	172.67.167.238
2023-03-24 00:09:45 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2013939d (...)	188.93.63.73
2023-03-23 23:17:23 +0000	0 - 3 - 1	201.236.232.34/winbox/winbox.exe	201.236.232.34
2023-03-23 23:16:57 +0000	0 - 0 - 2	dl3.topfiles.net/files/2/61/29047/b0hUUzb20XQ (...)	88.99.67.38
2023-03-23 22:51:10 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/97326750801659 (...)	162.159.134.233

Request	Response
GET /success.txt?ipv4 HTTP/1.1 Host: detectportal.firefox.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: detectportal.firefox.com/success.txt?ipv4 FQDN: detectportal.firefox.com IP: 34.107.221.82 HASH: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5 34.107.221.82 HTTP/1.1 200 OK Content-Type: text/plain Server: nginx Content-Length: 8 Via: 1.1 google Date: Mon, 03 Oct 2022 18:54:28 GMT Age: 49564 Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600 --- Additional Info --- Magic: ASCII text Size: 8 Md5: ae780585f49b94ce1444eb7d28906123 Sha1: 7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86 Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 193a67e9a2c60a2ef38c995da0910b30108e9bcf4ca50d450f6cc5e1f73a1f35 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "193A67E9A2C60A2EF38C995DA0910B30108E9BCF4CA50D450F6CC5E1F73A1F35" Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12206 Expires: Tue, 04 Oct 2022 12:03:59 GMT Date: Tue, 04 Oct 2022 08:40:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 252e2295b59a127ac18219b0679c1e0d Sha1: b7f54cee36ae5b677fdb902be7d8d119804c6ec4 Sha256: 193a67e9a2c60a2ef38c995da0910b30108e9bcf4ca50d450f6cc5e1f73a1f35
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6" Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12009 Expires: Tue, 04 Oct 2022 12:00:42 GMT Date: Tue, 04 Oct 2022 08:40:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9955bda9c9ef64bc5700a14af0bae25e Sha1: 8de7b7469e905af0374bdfcc3006bbb844f13e94 Sha256: 1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 Host: getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: getpocket.cdn.mozilla.net/v3/firefox/global-recs?versio (...) FQDN: getpocket.cdn.mozilla.net IP: 34.120.5.221 HASH: 1cbe2926ecb9f0857a8dbaae7742e6983a37e36320ab5dbbbc6b40346719c3a5 34.120.5.221 HTTP/2 200 OK content-type: application/json server: nginx vary: Accept-Encoding content-location: global-recs.php tcn: choice x-frame-options: SAMEORIGIN status: 200 OK x-source: Pocket pragma: cache p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE" x-cache: Miss from cloudfront x-amz-cf-pop: SEA73-P2 x-amz-cf-id: CPy6G5b1sgYFdASS7JaUpYxblxPad-1cEnxqgB_sWMtFlMUI1O1pPA== content-encoding: gzip via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google date: Tue, 04 Oct 2022 08:29:25 GMT content-length: 37780 age: 668 cache-control: s-maxage=900,public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (65536), with no line terminators Size: 37780 Md5: 0c3118edcae8743137fa20e20545de40 Sha1: 5ef8119ce848c402da334f62c40d9be75e73f0de Sha256: 1cbe2926ecb9f0857a8dbaae7742e6983a37e36320ab5dbbbc6b40346719c3a5
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.25 HASH: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd 143.204.55.25 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Wed, 11 May 2022 19:51:39 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Tue, 04 Oct 2022 04:09:09 GMT etag: "48ca0beea419a9039591cf1aee5179e0" x-cache: Hit from cloudfront via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: u0nh23LnoM1dS_b56TBySIorybtCzQ2U3yNuH5A5c0hh2biJ1ht1lg== age: 18972 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0 Sha1: 9e92629f505fcc07aab51221e8fe62197a23e307 Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.115 HASH: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551 143.204.55.115 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length Cache-Control: max-age=3600 Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Tue, 04 Oct 2022 07:47:04 GMT X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: JDzFkh_X33Qw9oGbvN_R47spRbHU_P6ZKA_83kgVGUSsdIb6GaWlYw== Age: 3209 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 2d12f67fe57a87e7366b662d153a5582 Sha1: d7b02d81cc74f24a251d9363e0f4b0a149264ec1 Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 04 Oct 2022 08:40:33 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: eca187e488a3425adcdd97e76243a32b60c3988e3cb970fa6c3ca9424d900a8c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "ECA187E488A3425ADCDD97E76243A32B60C3988E3CB970FA6C3CA9424D900A8C" Last-Modified: Sun, 02 Oct 2022 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21596 Expires: Tue, 04 Oct 2022 14:40:29 GMT Date: Tue, 04 Oct 2022 08:40:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 5666818857fe39db40b8b8d3dc262968 Sha1: 418fa5ab035fc18e793202a3132db6bb26697a18 Sha256: eca187e488a3425adcdd97e76243a32b60c3988e3cb970fa6c3ca9424d900a8c
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: fae76656f84415c6c3131e8b9bf7de17bb290f629f68589df9a876b74fe8d0cf 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4461 Cache-Control: 'max-age=158059' Date: Tue, 04 Oct 2022 08:40:33 GMT Last-Modified: Tue, 04 Oct 2022 07:26:12 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ee0c3ad84c2ff07972a79d2646b14a6c Sha1: cf666144113016cef9a674e4e7400cdb123180eb Sha256: fae76656f84415c6c3131e8b9bf7de17bb290f629f68589df9a876b74fe8d0cf
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4306 Cache-Control: 'max-age=158059' Date: Tue, 04 Oct 2022 08:40:34 GMT Last-Modified: Tue, 04 Oct 2022 07:28:48 GMT Server: ECS (ska/F6FC) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 321fa9a78e31dcb66601ac5890bfba73 Sha1: c325580db79bde6fd00d2d0c7e3f675e4c0046bb Sha256: 83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.115 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 143.204.55.115 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600, max-age=3600 Date: Tue, 04 Oct 2022 08:29:33 GMT Expires: Tue, 04 Oct 2022 09:26:52 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: VeHsIoqK8A0smeVNrLp_0bOTUOba_pJznrkmxqEFD8102I0icjpJAg== Age: 661 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: QJcNNBgIrrax2dO1Q0tW9w== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 34.218.168.248 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 34.218.168.248 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: Q1Ypib9jrYvcgg31apyntDWuKUs= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /success.txt?ipv4 HTTP/1.1 Host: detectportal.firefox.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: detectportal.firefox.com/success.txt?ipv4 FQDN: detectportal.firefox.com IP: 34.107.221.82 HASH: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5 34.107.221.82 HTTP/1.1 200 OK Content-Type: text/plain Server: nginx Content-Length: 8 Via: 1.1 google Date: Mon, 03 Oct 2022 18:54:28 GMT Age: 49566 Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600 --- Additional Info --- Magic: ASCII text Size: 8 Md5: ae780585f49b94ce1444eb7d28906123 Sha1: 7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86 Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1 Host: shavar.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 773 Connection: close Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: none Pragma: no-cache Cache-Control: no-cache	URL: shavar.services.mozilla.com/downloads?client=Firefox&ap (...) FQDN: shavar.services.mozilla.com IP: 52.35.225.239 HASH: ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b 52.35.225.239 HTTP/1.1 200 OK Content-Type: application/octet-stream Date: Tue, 04 Oct 2022 08:40:34 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Length: 8 Connection: Close --- Additional Info --- Magic: ASCII text Size: 8 Md5: 29fc57841962e407cb50c1be60284bf7 Sha1: ce968a77e2996da5eee8925182318f171ccdce47 Sha256: ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221664870231799%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/monito (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: 8cd2bfd13ac0ccba0aa680f2b7c25a6b99981b5c5a9203d2228097d6a0ba7bcb 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After Cache-Control: max-age=3600, max-age=3600 Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Tue, 04 Oct 2022 08:02:02 GMT Expires: Tue, 04 Oct 2022 09:02:02 GMT Last-Modified: Tue, 04 Oct 2022 07:57:11 GMT X-Content-Type-Options: nosniff Content-Encoding: br Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: gXhaEAB9WwqPla0YDMHCwVrFek8tqv_U086yBTbJDZVDsz__pPNryg== Age: 2312 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (22383), with no line terminators Size: 4715 Md5: aa4dc80a940802df33f6f49e56307cb2 Sha1: 23a9032eae05dc49ebf218c3940b9f03b2a4bc58 Sha256: 8cd2bfd13ac0ccba0aa680f2b7c25a6b99981b5c5a9203d2228097d6a0ba7bcb
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1664843841165&_since=%221653914271178%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/blockl (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: 47c0dd6c5fc10426222d636044456fa1a459f5a2a1e368e934c0202ab0593a4d 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Tue, 04 Oct 2022 00:37:21 GMT X-Content-Type-Options: nosniff Content-Encoding: br Date: Tue, 04 Oct 2022 07:50:03 GMT Cache-Control: max-age=3600 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: W9bsJ1VjY47MserztQMBNkZUuIERfPKjoMvb_mK-TCDdoXwjg8AnVg== Age: 3467 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (65536), with no line terminators Size: 12694 Md5: 5cf185631def1f6c6cdc07f71b5bb09b Sha1: e77a3cb34d90c0b0e3a14ecec13022ccc338bdd8 Sha256: 47c0dd6c5fc10426222d636044456fa1a459f5a2a1e368e934c0202ab0593a4d
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.25 HASH: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78 143.204.55.25 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Fri, 30 Sep 2022 18:50:55 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Mon, 03 Oct 2022 22:29:48 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" x-cache: Hit from cloudfront via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: tjsSYN3Aks2CeGAmd4G7mzD_UFSm2-eMIj8R-AvZoz8P3XLWhn7ZmQ== age: 36647 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 67d5a988edcda47bc3b3b3f65d32b4b6 Sha1: d4f0e0da8b3690cc7da925026d3414b68c7d954f Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length Cache-Control: max-age=3600 Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Tue, 04 Oct 2022 07:47:04 GMT X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: lzwbmWFAM18s-qONITUjRBhjJhvJPkCon8Of18pXHd0KhURv8F-N7Q== Age: 3211 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 2d12f67fe57a87e7366b662d153a5582 Sha1: d7b02d81cc74f24a251d9363e0f4b0a149264ec1 Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin HTTP/1.1 Host: firefox-settings-attachments.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox-settings-attachments.cdn.mozilla.net/staging/ad (...) FQDN: firefox-settings-attachments.cdn.mozilla.net IP: 143.204.55.30 HASH: 34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571 143.204.55.30 HTTP/1.1 200 OK Content-Type: application/octet-stream Content-Length: 795699 Connection: keep-alive Last-Modified: Mon, 27 Jun 2022 12:39:11 GMT x-amz-version-id: 9np1boOrxtHVWzMczpbX1a.N_ewQWHDF Accept-Ranges: bytes Server: AmazonS3 Date: Tue, 04 Oct 2022 05:06:47 GMT ETag: "9b95765b0e26af76116a95a966d61354" X-Cache: Hit from cloudfront Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: o1spyESqiDOFESXNP5tgh3YPGrElUkit2D09L6UywOxHfHScVFrISQ== Age: 27405 --- Additional Info --- Magic: data Size: 795699 Md5: 9b95765b0e26af76116a95a966d61354 Sha1: 3f7c1b40fc999b83f3696f455402e49ab484b027 Sha256: 34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1664841664930&_since=%221654732864402%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: 0bf40e761d9808fd1603815b08d7b797ca7a9a25cefe0a0b0ed6941c8cbf2f0d 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Tue, 04 Oct 2022 00:01:04 GMT X-Content-Type-Options: nosniff Content-Encoding: br Date: Tue, 04 Oct 2022 08:12:09 GMT Cache-Control: max-age=3600 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: m6Vq3iCMrVwNjd_b8VMVm1-N0uw6bnzZoCy0BJAbc6iLcxlrzjq0rw== Age: 1807 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (58918), with no line terminators Size: 12205 Md5: bf797f1c12f4c97b84a1db110e6c9631 Sha1: 8aaabe0750b31d2a7394c54ebfbfc9d5aa7a933c Sha256: 0bf40e761d9808fd1603815b08d7b797ca7a9a25cefe0a0b0ed6941c8cbf2f0d
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Fri, 30 Sep 2022 18:50:55 GMT If-None-Match: "67d5a988edcda47bc3b3b3f65d32b4b6" TE: trailers	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.25 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 143.204.55.25 HTTP/2 304 Not Modified last-modified: Fri, 30 Sep 2022 18:50:55 GMT content-disposition: attachment server: AmazonS3 date: Mon, 03 Oct 2022 22:29:48 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" x-cache: Hit from cloudfront via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: NJGAy1c4_oOprVMmYeMRqSyUthdgIRwGdvmSYOGJhMOamoAIEmVveg== age: 36648 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1664576981597&_since=%221654636467710%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: 86f672ecf608509aa0e411d8b80f9e4bb5c1e877040957d56a53ae69897d5ecd 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 30 Sep 2022 22:29:41 GMT X-Content-Type-Options: nosniff Content-Encoding: br Date: Tue, 04 Oct 2022 08:12:10 GMT Cache-Control: max-age=3600 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: ovxspBhvp7tKKr41aCaW-jeWXSZTA8-ShEUH-X25LvpHgco7sAKH7Q== Age: 2453 --- Additional Info --- Magic: ASCII text, with very long lines (31812), with no line terminators Size: 4522 Md5: 0a8cfe2efc6b0b24150c549ab477643e Sha1: ea11b76b989c1cca396d75cb40774bbd014ef689 Sha256: 86f672ecf608509aa0e411d8b80f9e4bb5c1e877040957d56a53ae69897d5ecd
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Fri, 30 Sep 2022 18:50:55 GMT If-None-Match: "67d5a988edcda47bc3b3b3f65d32b4b6" TE: trailers	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.25 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 143.204.55.25 HTTP/2 304 Not Modified last-modified: Fri, 30 Sep 2022 18:50:55 GMT content-disposition: attachment server: AmazonS3 date: Mon, 03 Oct 2022 22:29:48 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" x-cache: Hit from cloudfront via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: mPsDFW-D-_5yEedt0jaBa6Kol562a0p68ETfLQ9OQl0-CYN2pxyR2g== age: 36648 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: 21c252701f27eb5480fb536f519278dcde70168b69c9cb6e225a01116a171a87 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Thu, 01 Sep 2022 14:54:45 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Content-Encoding: gzip Cache-Control: max-age=3600 Date: Tue, 04 Oct 2022 08:35:46 GMT Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: yZuRqNHsyG5L7z8V0wHmHiLEDFanYftKPnpljMhP9Hf2q8psIa2Tug== Age: 289 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (20423), with no line terminators Size: 5855 Md5: 10baf28aac846a3698df02337eaf7cee Sha1: 6b67e052ee8a728c5481a6a6b54d6a0a4833638b Sha256: 21c252701f27eb5480fb536f519278dcde70168b69c9cb6e225a01116a171a87
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.25 HASH: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770 143.204.55.25 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sat, 10 Sep 2022 18:47:45 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Tue, 04 Oct 2022 05:28:28 GMT etag: "6113f8408c59aebe188d6af273b90743" x-cache: Hit from cloudfront via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: zxGp-W2ejhO3yOuHW8SPhIGX3PWTwXsOBY3LtVL7roNmMxBlfnfnpg== age: 11528 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 6113f8408c59aebe188d6af273b90743 Sha1: 7398873bf00f99944eaa77ad3ebc0d43c23dba6b Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: 08e9a89b6e7d1515b92b073c37ae0f41e50d4df90247356043d03d9dbef29324 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Mon, 08 Aug 2022 02:06:49 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Content-Encoding: br Date: Tue, 04 Oct 2022 08:35:04 GMT Cache-Control: max-age=3600 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: MX8WJ7mljm3Ei5T6Xd3CHE5goEU02ohjcMR4RBy8vuB-wEitobhL2w== Age: 339 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (1393), with no line terminators Size: 780 Md5: 7cc9023d283eac5c86c23ef7d8d53612 Sha1: 18ebd937973c42f4252969afbacab560993826e7 Sha256: 08e9a89b6e7d1515b92b073c37ae0f41e50d4df90247356043d03d9dbef29324
GET /v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: e93d587a4c0e1168b7c65a904f99bcdf262a8f0d70dcc716a95e9288c2a03e86 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Mon, 08 Aug 2022 02:07:26 GMT X-Content-Type-Options: nosniff Content-Encoding: gzip Date: Wed, 28 Sep 2022 05:56:48 GMT Cache-Control: max-age=2592000 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: XyY5bk4XFGBBoBYX6e992qwVBurfwMQmqop1Lk-3XyoJwCOrY55x4g== Age: 528762 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (8682), with no line terminators Size: 3275 Md5: a3d031972a53ce7c0335f6110586ec9c Sha1: 4c32da8a240101524c01ec333cc53a07f1d2ebff Sha256: e93d587a4c0e1168b7c65a904f99bcdf262a8f0d70dcc716a95e9288c2a03e86
GET /v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: 3d9c1eac8a6567be6c86a852c60704f8387d24603ea87b2b61d9d3bc6e33be0a 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Mon, 22 Aug 2022 20:25:49 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Content-Encoding: gzip Date: Tue, 04 Oct 2022 07:45:01 GMT Cache-Control: max-age=3600 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: HIad0Q_mCoAnkMoivJiiAGeh6VAPsfKpRVDzmsP3yRqHxITh1HXEAw== Age: 3403 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (14029), with no line terminators Size: 3393 Md5: 28bf4850d0381c6e4a223d862f122b2d Sha1: aaaf470779861678a2cd105303b37cdefc93302f Sha256: 3d9c1eac8a6567be6c86a852c60704f8387d24603ea87b2b61d9d3bc6e33be0a
GET /v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: d96caf25a8a96003398ac403de9b499673bfcb56643a710f0c54433153655427 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Wed, 03 Aug 2022 17:26:35 GMT X-Content-Type-Options: nosniff Content-Encoding: br Date: Tue, 04 Oct 2022 08:29:35 GMT Cache-Control: max-age=3600 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 4tz7xKo8gKf1mOatJDGFwdmWOC2DnZDUwxysujjMQF1bsS3CRNTF9w== Age: 832 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (3678), with no line terminators Size: 1411 Md5: 198ef0717b8812aadc957d1e2ff4aafb Sha1: 08061aca9c054ec44311c30eb09c67ee1e80fd47 Sha256: d96caf25a8a96003398ac403de9b499673bfcb56643a710f0c54433153655427
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: 132e8f66a926b19d6a3ff32ca5bf385272b3b9be5e748cd21b9bb02a13a661e9 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 682 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Mon, 26 Sep 2022 16:36:56 GMT X-Content-Type-Options: nosniff Date: Tue, 04 Oct 2022 08:12:27 GMT Cache-Control: no-cache, no-store, max-age=3600 ETag: "1664210216116" X-Cache: Hit from cloudfront Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: ZeUPEm-AT1SzqEc8uFzTCU7_pPFQLFSnDVtTyQPhEBnVbRBRZF1ZjQ== Age: 1690 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (682), with no line terminators Size: 682 Md5: 4e767b65980ef55063cce1d7f423c58e Sha1: f6f9756deac632f187752ff6708a2e3a71a04ebc Sha256: 132e8f66a926b19d6a3ff32ca5bf385272b3b9be5e748cd21b9bb02a13a661e9
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: 7c9d70c6fbae326155f72c8d40252871c3067597192f4d604cc2b46dfd4b2527 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Content-Encoding: br Date: Mon, 03 Oct 2022 15:57:46 GMT Cache-Control: max-age=259200 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: mXmGrv1WVI5VjLd12gBAEsL3qpVu9eP7-is1NKxVJrhrjc1nwORoVA== Age: 60217 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (1710), with no line terminators Size: 900 Md5: 7b0f15820fbc79772d69b103cb111800 Sha1: 92ccda464b19ef35736c03edd82b578661361212 Sha256: 7c9d70c6fbae326155f72c8d40252871c3067597192f4d604cc2b46dfd4b2527
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: 16e99009a0917eedd380140055d06b29d6709bd469d694d078c013f7c104367a 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Wed, 13 Jul 2022 21:25:10 GMT X-Content-Type-Options: nosniff Content-Encoding: gzip Date: Tue, 04 Oct 2022 08:37:27 GMT Cache-Control: max-age=3600 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: h-YtXV-wxITlHwDOy22R3Lpa3SSKi7aT8opQYMVAfg58GibgUk01lg== Age: 212 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (2194), with no line terminators Size: 1080 Md5: 4286df03a653e5b403e88a8d28933306 Sha1: 8f974648aef7d271443707ce3a6eba8d9a117872 Sha256: 16e99009a0917eedd380140055d06b29d6709bd469d694d078c013f7c104367a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D" Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19082 Expires: Tue, 04 Oct 2022 13:58:38 GMT Date: Tue, 04 Oct 2022 08:40:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ff433c9569a3557d806b1480aeafece9 Sha1: 20bbd46383b85326837f45290ff87df708b3b310 Sha256: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D" Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19082 Expires: Tue, 04 Oct 2022 13:58:38 GMT Date: Tue, 04 Oct 2022 08:40:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ff433c9569a3557d806b1480aeafece9 Sha1: 20bbd46383b85326837f45290ff87df708b3b310 Sha256: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6315 x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZWSdsHUnIAMFXtw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0 x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ== via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google date: Tue, 04 Oct 2022 04:42:51 GMT age: 14265 etag: "58ff0bf8ce7528b303d28bab01a80ad721705569" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6315 Md5: 206fb65e75dbadf119512f71e0b78402 Sha1: 58ff0bf8ce7528b303d28bab01a80ad721705569 Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4858 x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZcpvTEfPoAMFfeQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0 x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT x-amz-cf-pop: SFO5-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA== via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Oct 2022 21:44:20 GMT age: 39376 etag: "585e7146fd24cdc2496b05baafea04091dc541e2" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4858 Md5: 6779181f9c06975f2a662da743893939 Sha1: 585e7146fd24cdc2496b05baafea04091dc541e2 Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e02ea92f0be524ccfe26eee61a77e39a13d852d1ba3696f729e0f61812028667 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5083 x-amzn-requestid: ed99df03-5d15-4e09-9aea-bbf77a705323 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZcpI0HT0IAMFxvQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-633b556b-422197147d76caac6e910664;Sampled=0 x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:35 GMT x-amz-cf-pop: SFO5-P2, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: ZFVTt0eV3kpIaS4KAIZlgaTJxHb2hPxyP4BBRAZCE-cCAWJM44fZxw== via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Oct 2022 22:38:28 GMT age: 36128 etag: "f5ce815082043a4efce28fc790ae7d8b3a8531f8" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5083 Md5: 34f2dfb2faff276db1d4a57739db2450 Sha1: f5ce815082043a4efce28fc790ae7d8b3a8531f8 Sha256: e02ea92f0be524ccfe26eee61a77e39a13d852d1ba3696f729e0f61812028667
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5504 x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZcpHvHPvoAMF3mg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0 x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Oct 2022 21:44:33 GMT age: 39363 etag: "20ef861be49c652a938e0145e4ca3a60159367e2" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5504 Md5: 6c6882c60d7ca6f918c77104e3ad1d52 Sha1: 20ef861be49c652a938e0145e4ca3a60159367e2 Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9917 x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZcpvTGEnIAMF1zg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0 x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Oct 2022 21:44:20 GMT age: 39376 etag: "22aab05208a01ae5def4d63dc145085630f57bcb" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9917 Md5: d8c08f8066cc732de8befd6ccd629a95 Sha1: 22aab05208a01ae5def4d63dc145085630f57bcb Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8287b853-235b-49f5-9b5c-780827ac695b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 79b541c69c78df0e4a4c26438431fd6b52754b589d80e929a4203063712a540c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9855 x-amzn-requestid: 15f15a2e-0028-40ac-be8f-8e20c37fd27e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZcpHuGX7oAMFgDA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-633b5564-5fe693f30c91e4c82c8accb1;Sampled=0 x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT x-amz-cf-pop: SFO5-P2, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: ngoNHOX6fFTGa1Y_-yFOFUYYYqiLJCQOq3NISbmc3gX21YO0TLxx0w== via: 1.1 b637bd7696854d7acbf96132dcf53200.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Oct 2022 23:32:19 GMT etag: "a36475a0ec7d7b92593cadd4aa99ca38550f1cd1" age: 32897 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9855 Md5: 7b7345414898d451d930431b46d4bd00 Sha1: a36475a0ec7d7b92593cadd4aa99ca38550f1cd1 Sha256: 79b541c69c78df0e4a4c26438431fd6b52754b589d80e929a4203063712a540c
GET /iti/uldeopmvasutt HTTP/1.1 Host: needlemaster.pk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: needlemaster.pk/iti/uldeopmvasutt FQDN: needlemaster.pk IP: 50.87.4.49 50.87.4.49 HTTP/2 200 OK content-type: application/octet-stream content-description: File Transfer content-disposition: attachment; filename=XuccCEm.zip content-transfer-encoding: binary expires: 0 cache-control: must-revalidate, post-check=0, pre-check=0 pragma: public set-cookie: PHPSESSID=d29c3a76011770820a5ff22aa9604acc; path=/ vary: Accept-Encoding content-encoding: gzip date: Tue, 04 Oct 2022 08:40:33 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed

                                        
                                            GET /success.txt?ipv4 HTTP/1.1 

                                        
                                            
Host: detectportal.firefox.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         34.107.221.82

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/plain

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 8 

                                        
                                            
Via: 1.1 google 

                                        
                                            
Date: Mon, 03 Oct 2022 18:54:28 GMT 

                                        
                                            
Age: 49564 

                                        
                                            
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   8

                                                Md5:    ae780585f49b94ce1444eb7d28906123

                                                Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86

                                                Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6" 

                                        
                                            
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=12009 

                                        
                                            
Expires: Tue, 04 Oct 2022 12:00:42 GMT 

                                        
                                            
Date: Tue, 04 Oct 2022 08:40:33 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    9955bda9c9ef64bc5700a14af0bae25e

                                                Sha1:   8de7b7469e905af0374bdfcc3006bbb844f13e94

                                                Sha256: 1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.25

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
content-length: 5348 

                                        
                                            
last-modified: Wed, 11 May 2022 19:51:39 GMT 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Tue, 04 Oct 2022 04:09:09 GMT 

                                        
                                            
etag: "48ca0beea419a9039591cf1aee5179e0" 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-C1 

                                        
                                            
x-amz-cf-id: u0nh23LnoM1dS_b56TBySIorybtCzQ2U3yNuH5A5c0hh2biJ1ht1lg== 

                                        
                                            
age: 18972 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    48ca0beea419a9039591cf1aee5179e0

                                                Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307

                                                Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 04 Oct 2022 08:40:33 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4461 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Tue, 04 Oct 2022 08:40:33 GMT 

                                        
                                            
Last-Modified: Tue, 04 Oct 2022 07:26:12 GMT 

                                        
                                            
Server: ECS (ska/F71C) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    ee0c3ad84c2ff07972a79d2646b14a6c

                                                Sha1:   cf666144113016cef9a674e4e7400cdb123180eb

                                                Sha256: fae76656f84415c6c3131e8b9bf7de17bb290f629f68589df9a876b74fe8d0cf

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 329 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Cache-Control: max-age=3600, max-age=3600 

                                        
                                            
Date: Tue, 04 Oct 2022 08:29:33 GMT 

                                        
                                            
Expires: Tue, 04 Oct 2022 09:26:52 GMT 

                                        
                                            
ETag: "1648230346554" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: VeHsIoqK8A0smeVNrLp_0bOTUOba_pJznrkmxqEFD8102I0icjpJAg== 

                                        
                                            
Age: 661 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            GET /success.txt?ipv4 HTTP/1.1 

                                        
                                            
Host: detectportal.firefox.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         34.107.221.82

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/plain

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 8 

                                        
                                            
Via: 1.1 google 

                                        
                                            
Date: Mon, 03 Oct 2022 18:54:28 GMT 

                                        
                                            
Age: 49566 

                                        
                                            
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   8

                                                Md5:    ae780585f49b94ce1444eb7d28906123

                                                Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86

                                                Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

                                        
                                            GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221664870231799%22 HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After 

                                        
                                            
Cache-Control: max-age=3600, max-age=3600 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Date: Tue, 04 Oct 2022 08:02:02 GMT 

                                        
                                            
Expires: Tue, 04 Oct 2022 09:02:02 GMT 

                                        
                                            
Last-Modified: Tue, 04 Oct 2022 07:57:11 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Content-Encoding: br 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: gXhaEAB9WwqPla0YDMHCwVrFek8tqv_U086yBTbJDZVDsz__pPNryg== 

                                        
                                            
Age: 2312 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (22383), with no line terminators

                                                Size:   4715

                                                Md5:    aa4dc80a940802df33f6f49e56307cb2

                                                Sha1:   23a9032eae05dc49ebf218c3940b9f03b2a4bc58

                                                Sha256: 8cd2bfd13ac0ccba0aa680f2b7c25a6b99981b5c5a9203d2228097d6a0ba7bcb

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         143.204.55.25

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
content-length: 5348 

                                        
                                            
last-modified: Fri, 30 Sep 2022 18:50:55 GMT 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Mon, 03 Oct 2022 22:29:48 GMT 

                                        
                                            
etag: "67d5a988edcda47bc3b3b3f65d32b4b6" 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-C1 

                                        
                                            
x-amz-cf-id: tjsSYN3Aks2CeGAmd4G7mzD_UFSm2-eMIj8R-AvZoz8P3XLWhn7ZmQ== 

                                        
                                            
age: 36647 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    67d5a988edcda47bc3b3b3f65d32b4b6

                                                Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f

                                                Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

                                        
                                            GET /staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin HTTP/1.1 

                                        
                                            
Host: firefox-settings-attachments.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.30

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/octet-stream

                                        

                                        
                                            
Content-Length: 795699 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Mon, 27 Jun 2022 12:39:11 GMT 

                                        
                                            
x-amz-version-id: 9np1boOrxtHVWzMczpbX1a.N_ewQWHDF 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Date: Tue, 04 Oct 2022 05:06:47 GMT 

                                        
                                            
ETag: "9b95765b0e26af76116a95a966d61354" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: o1spyESqiDOFESXNP5tgh3YPGrElUkit2D09L6UywOxHfHScVFrISQ== 

                                        
                                            
Age: 27405 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   795699

                                                Md5:    9b95765b0e26af76116a95a966d61354

                                                Sha1:   3f7c1b40fc999b83f3696f455402e49ab484b027

                                                Sha256: 34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
If-Modified-Since: Fri, 30 Sep 2022 18:50:55 GMT 

                                        
                                            
If-None-Match: "67d5a988edcda47bc3b3b3f65d32b4b6" 

                                        
                                            
TE: trailers

                                         143.204.55.25

                                        
                                            HTTP/2 304 Not Modified

                                        

                                        
                                            
last-modified: Fri, 30 Sep 2022 18:50:55 GMT 

                                        
                                            
content-disposition: attachment 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Mon, 03 Oct 2022 22:29:48 GMT 

                                        
                                            
etag: "67d5a988edcda47bc3b3b3f65d32b4b6" 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-C1 

                                        
                                            
x-amz-cf-id: NJGAy1c4_oOprVMmYeMRqSyUthdgIRwGdvmSYOGJhMOamoAIEmVveg== 

                                        
                                            
age: 36648 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
If-Modified-Since: Fri, 30 Sep 2022 18:50:55 GMT 

                                        
                                            
If-None-Match: "67d5a988edcda47bc3b3b3f65d32b4b6" 

                                        
                                            
TE: trailers

                                         143.204.55.25

                                        
                                            HTTP/2 304 Not Modified

                                        

                                        
                                            
last-modified: Fri, 30 Sep 2022 18:50:55 GMT 

                                        
                                            
content-disposition: attachment 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Mon, 03 Oct 2022 22:29:48 GMT 

                                        
                                            
etag: "67d5a988edcda47bc3b3b3f65d32b4b6" 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-C1 

                                        
                                            
x-amz-cf-id: mPsDFW-D-_5yEedt0jaBa6Kol562a0p68ETfLQ9OQl0-CYN2pxyR2g== 

                                        
                                            
age: 36648 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         143.204.55.25

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
content-length: 5348 

                                        
                                            
last-modified: Sat, 10 Sep 2022 18:47:45 GMT 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Tue, 04 Oct 2022 05:28:28 GMT 

                                        
                                            
etag: "6113f8408c59aebe188d6af273b90743" 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-C1 

                                        
                                            
x-amz-cf-id: zxGp-W2ejhO3yOuHW8SPhIGX3PWTwXsOBY3LtVL7roNmMxBlfnfnpg== 

                                        
                                            
age: 11528 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    6113f8408c59aebe188d6af273b90743

                                                Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b

                                                Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

                                        
                                            GET /v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22 HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Mon, 08 Aug 2022 02:07:26 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Wed, 28 Sep 2022 05:56:48 GMT 

                                        
                                            
Cache-Control: max-age=2592000 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: XyY5bk4XFGBBoBYX6e992qwVBurfwMQmqop1Lk-3XyoJwCOrY55x4g== 

                                        
                                            
Age: 528762 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (8682), with no line terminators

                                                Size:   3275

                                                Md5:    a3d031972a53ce7c0335f6110586ec9c

                                                Sha1:   4c32da8a240101524c01ec333cc53a07f1d2ebff

                                                Sha256: e93d587a4c0e1168b7c65a904f99bcdf262a8f0d70dcc716a95e9288c2a03e86

                                        
                                            GET /v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22 HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Wed, 03 Aug 2022 17:26:35 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Content-Encoding: br 

                                        
                                            
Date: Tue, 04 Oct 2022 08:29:35 GMT 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: 4tz7xKo8gKf1mOatJDGFwdmWOC2DnZDUwxysujjMQF1bsS3CRNTF9w== 

                                        
                                            
Age: 832 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (3678), with no line terminators

                                                Size:   1411

                                                Md5:    198ef0717b8812aadc957d1e2ff4aafb

                                                Sha1:   08061aca9c054ec44311c30eb09c67ee1e80fd47

                                                Sha256: d96caf25a8a96003398ac403de9b499673bfcb56643a710f0c54433153655427

                                        
                                            GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Content-Encoding: br 

                                        
                                            
Date: Mon, 03 Oct 2022 15:57:46 GMT 

                                        
                                            
Cache-Control: max-age=259200 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: mXmGrv1WVI5VjLd12gBAEsL3qpVu9eP7-is1NKxVJrhrjc1nwORoVA== 

                                        
                                            
Age: 60217 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (1710), with no line terminators

                                                Size:   900

                                                Md5:    7b0f15820fbc79772d69b103cb111800

                                                Sha1:   92ccda464b19ef35736c03edd82b578661361212

                                                Sha256: 7c9d70c6fbae326155f72c8d40252871c3067597192f4d604cc2b46dfd4b2527

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D" 

                                        
                                            
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=19082 

                                        
                                            
Expires: Tue, 04 Oct 2022 13:58:38 GMT 

                                        
                                            
Date: Tue, 04 Oct 2022 08:40:36 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    ff433c9569a3557d806b1480aeafece9

                                                Sha1:   20bbd46383b85326837f45290ff87df708b3b310

                                                Sha256: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6315 

                                        
                                            
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZWSdsHUnIAMFXtw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ== 

                                        
                                            
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 04 Oct 2022 04:42:51 GMT 

                                        
                                            
age: 14265 

                                        
                                            
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6315

                                                Md5:    206fb65e75dbadf119512f71e0b78402

                                                Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569

                                                Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 5083 

                                        
                                            
x-amzn-requestid: ed99df03-5d15-4e09-9aea-bbf77a705323 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZcpI0HT0IAMFxvQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-633b556b-422197147d76caac6e910664;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:35 GMT 

                                        
                                            
x-amz-cf-pop: SFO5-P2, SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: ZFVTt0eV3kpIaS4KAIZlgaTJxHb2hPxyP4BBRAZCE-cCAWJM44fZxw== 

                                        
                                            
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Mon, 03 Oct 2022 22:38:28 GMT 

                                        
                                            
age: 36128 

                                        
                                            
etag: "f5ce815082043a4efce28fc790ae7d8b3a8531f8" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   5083

                                                Md5:    34f2dfb2faff276db1d4a57739db2450

                                                Sha1:   f5ce815082043a4efce28fc790ae7d8b3a8531f8

                                                Sha256: e02ea92f0be524ccfe26eee61a77e39a13d852d1ba3696f729e0f61812028667

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9917 

                                        
                                            
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZcpvTGEnIAMF1zg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ== 

                                        
                                            
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Mon, 03 Oct 2022 21:44:20 GMT 

                                        
                                            
age: 39376 

                                        
                                            
etag: "22aab05208a01ae5def4d63dc145085630f57bcb" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9917

                                                Md5:    d8c08f8066cc732de8befd6ccd629a95

                                                Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb

                                                Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770

URL	needlemaster.pk/iti/uldeopmvasutt
IP	50.87.4.49 (United States)
ASN	#46606 UNIFIEDLAYER-AS-1
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-10-04 08:40:48 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	3
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (13)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 50.87.4.49

Last 5 reports on ASN: UNIFIEDLAYER-AS-1

Last 5 reports on domain: needlemaster.pk

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (41)

Overview

Domain Summary (13)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 50.87.4.49

Last 5 reports on ASN: UNIFIEDLAYER-AS-1

Last 5 reports on domain: needlemaster.pk

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (41)

Network Intrusion Detection Systems