Report - bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/

Report Overview

Submitted URL
bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/
IP
104.18.23.52
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-04 16:56:39
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
46

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.163.74.93
ocsp.r2m01.amazontrust.com	unknown	2022-10-12T22:43:53Z	2023-03-13T08:10:39Z	1.8 kB	4.7 kB	54.230.80.227
bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link	unknown	2022-11-04T18:21:35Z	2023-03-02T00:05:09Z	2.5 kB	4.0 kB	104.18.23.52
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	341 B	475 B	93.184.220.29
csp-report-to.web3.storage	unknown	2023-01-04T03:05:58Z	2023-03-13T06:49:02Z	4.3 kB	2.2 kB	52.42.78.127
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	60 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-28	medium	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/	Generic/Spear Phishing
2023-01-28	medium	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/	Generic/Spear Phishing
2023-01-28	medium	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/	Generic/Spear Phishing
2023-01-28	medium	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/	Generic/Spear Phishing
2023-01-28	medium	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/	Generic/Spear Phishing

PhishTank

Scan Date	Severity	Indicator	Alert
2023-01-14	medium	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/	Other
2023-01-14	medium	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/Sharing%20Link%20Validation_files/microsoft-logo.png	Other
2023-01-14	medium	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/Sharing%20Link%20Validation_files/spoguestaccess-f3cad398.js	Other
2023-01-14	medium	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/	Other
2023-01-14	medium	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	Other

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-04	medium	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/	Phishing
2023-02-04	medium	csp-report-to.web3.storage/	Phishing
2023-02-04	medium	csp-report-to.web3.storage/	Phishing
2023-02-04	medium	csp-report-to.web3.storage/	Phishing
2023-02-04	medium	csp-report-to.web3.storage/	Phishing
2023-02-04	medium	csp-report-to.web3.storage/	Phishing
2023-02-04	medium	csp-report-to.web3.storage/	Phishing
2023-02-04	medium	csp-report-to.web3.storage/	Phishing
2023-02-04	medium	csp-report-to.web3.storage/	Phishing
2023-02-04	medium	csp-report-to.web3.storage/	Phishing
2023-02-04	medium	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/Sharing%20Link%20Validation_files/spoguestaccess-f3cad398.js	Phishing
2023-02-04	medium	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/	Phishing
2023-02-04	medium	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/	370 B	2023-03-10	2024-02-04
Pretty URL bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/ IP 104.18.23.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:48:09 Last Seen2024-02-04 15:12:11 Times Seen50 Hash 186df388dd6b2936822c6c0dad010bf6 eac2b2295e004ba2df4c9087bd2a0ee7553896c7 e6973b4f5af4ef57f4dc01f3762d690bd86f20844786c1b619aaab87aa0a16fb Loading...

	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/	2.1 kB	2023-03-10	2023-09-01
Pretty URL bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/ IP 104.18.23.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:07:23 Last Seen2023-09-01 14:52:45 Times Seen4 Hash 4018ceb1318a2982b938d5e3bf431a38 0eafee3b99d96ae83ba3964e21c86c5d4f8c0612 a08b69e8856801cf79eac3e7332b6ce4b436c5a2583145549b45239493facd29 Loading...

	bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-19
Pretty URL bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.18.22.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 23:48:04 Times Seen54572 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

HTTP Transactions (38)

URL IP Response Size

bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/

104.18.23.52

301 Moved Permanently

0 B

URL HTTP/1.1
bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Generic/Spear Phishing
phishtank	Other
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 04 Feb 2023 16:56:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 04 Feb 2023 17:56:28 GMT
Location: https://bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7944f096fcb8b4ed-OSL

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10414
Expires: Sat, 04 Feb 2023 19:50:02 GMT
Date: Sat, 04 Feb 2023 16:56:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21110
Expires: Sat, 04 Feb 2023 22:48:18 GMT
Date: Sat, 04 Feb 2023 16:56:28 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 16:43:38 GMT
content-type: application/json
age: 770
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9301
Expires: Sat, 04 Feb 2023 19:31:29 GMT
Date: Sat, 04 Feb 2023 16:56:28 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ZnmyG0FqZhNOSqkVsEQbHWHqeZIVV60PuecCj4VFhfuU7/MRVIsWzRAirL/QsmOOPA/bVDv27KE=
x-amz-request-id: JKAB5WYYDB4KV1SW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 16:24:05 GMT
age: 1943
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 16:56:28 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
de7d9b7b95b4fa603e07ff33275e046b
535727191b1de39cb15b49e8040940c67a5f0724
a6984789075f4c15ca86cd3d9e18c44be0596201194f28b2677691cd2f25689d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 16:56:28 GMT
Etag: "63dcc212-116"
Server: ECS (amb/6B7C)
Content-Length: 280

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 16:49:07 GMT
age: 441
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8107
Expires: Sat, 04 Feb 2023 19:11:35 GMT
Date: Sat, 04 Feb 2023 16:56:28 GMT
Connection: keep-alive

push.services.mozilla.com/

35.163.74.93

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.74.93:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Vp367cH1Nm09y/xcGym2Ew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: q16VRtGfyke5C1uKq02nljWziB0=

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
8dc3a76db3cc3e5571a23bc1e3d561ec
0283112fe6fcdc0e9f9c0b7fc90330339c96426f
1d4e573b27ebff602d65ad79f4762832b06b85e7f5d20f6382a7da76dc16a223

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162995
Date: Sat, 04 Feb 2023 16:56:29 GMT
Etag: "63de67f0-1d7"
Expires: Mon, 06 Feb 2023 14:13:04 GMT
Last-Modified: Sat, 04 Feb 2023 14:13:04 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U6CIAjQA2Hh2UTv0EImdD5YPDEyMrx-xTCgmr534SN-u2updmckzEA==

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
8dc3a76db3cc3e5571a23bc1e3d561ec
0283112fe6fcdc0e9f9c0b7fc90330339c96426f
1d4e573b27ebff602d65ad79f4762832b06b85e7f5d20f6382a7da76dc16a223

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162995
Date: Sat, 04 Feb 2023 16:56:29 GMT
Etag: "63de67f0-1d7"
Expires: Mon, 06 Feb 2023 14:13:04 GMT
Last-Modified: Sat, 04 Feb 2023 14:13:04 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: faAONNQhoImZfbMaUdVbtIEODMdzT0KJrPoWSe9WxF7jrBYKHeTMMQ==

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
8dc3a76db3cc3e5571a23bc1e3d561ec
0283112fe6fcdc0e9f9c0b7fc90330339c96426f
1d4e573b27ebff602d65ad79f4762832b06b85e7f5d20f6382a7da76dc16a223

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 16:56:29 GMT
Server: ECS (dcb/7EC9)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lK9vNG8eyZBnZDF0h_bvzR601w9QwZtR6S7uKKuVRffIUNhskKBBAQ==

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
8dc3a76db3cc3e5571a23bc1e3d561ec
0283112fe6fcdc0e9f9c0b7fc90330339c96426f
1d4e573b27ebff602d65ad79f4762832b06b85e7f5d20f6382a7da76dc16a223

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162995
Date: Sat, 04 Feb 2023 16:56:29 GMT
Etag: "63de67f0-1d7"
Expires: Mon, 06 Feb 2023 14:13:04 GMT
Last-Modified: Sat, 04 Feb 2023 14:13:04 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mIAoSGyrxBPbp3JBkjZKV185xBLfemaI9K1KMilCS-NzQWtF_faEGQ==

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
8dc3a76db3cc3e5571a23bc1e3d561ec
0283112fe6fcdc0e9f9c0b7fc90330339c96426f
1d4e573b27ebff602d65ad79f4762832b06b85e7f5d20f6382a7da76dc16a223

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 16:56:29 GMT
Etag: "63dd166f-1d7"
Server: ECS (dcb/7F3C)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zZPvDtYJcdBV1vEqqBoG2TELx92jfzjlupw56L477oqfmOzBlwcoIA==

csp-report-to.web3.storage/

52.42.78.127

200 OK

55 B

URL HTTP/2
csp-report-to.web3.storage/
IP
52.42.78.127:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
55 B (55 bytes)
Hash
aa74a1849509e28d51c557d416cc045e
04b375bf2217f87373e6eb8b2fc7b6d2157930f6
d9d3517486c4b91c223148e42e5ce7892033e3b10d08844cb2434e3c969d0c1b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST / HTTP/1.1
Host: csp-report-to.web3.storage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 773
Origin: https://bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 16:56:29 GMT
content-type: text/plain
content-length: 55
access-control-allow-origin: *
apigw-requestid: f0sprhwNvHcEJ7A=
X-Firefox-Spdy: h2

csp-report-to.web3.storage/

52.42.78.127

200 OK

55 B

URL HTTP/2
csp-report-to.web3.storage/
IP
52.42.78.127:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
55 B (55 bytes)
Hash
aa74a1849509e28d51c557d416cc045e
04b375bf2217f87373e6eb8b2fc7b6d2157930f6
d9d3517486c4b91c223148e42e5ce7892033e3b10d08844cb2434e3c969d0c1b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST / HTTP/1.1
Host: csp-report-to.web3.storage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 782
Origin: https://bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 16:56:29 GMT
content-type: text/plain
content-length: 55
access-control-allow-origin: *
apigw-requestid: f0sprgDyvHcEJaQ=
X-Firefox-Spdy: h2

csp-report-to.web3.storage/

52.42.78.127

200 OK

55 B

URL HTTP/2
csp-report-to.web3.storage/
IP
52.42.78.127:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
55 B (55 bytes)
Hash
aa74a1849509e28d51c557d416cc045e
04b375bf2217f87373e6eb8b2fc7b6d2157930f6
d9d3517486c4b91c223148e42e5ce7892033e3b10d08844cb2434e3c969d0c1b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST / HTTP/1.1
Host: csp-report-to.web3.storage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 779
Origin: https://bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 16:56:29 GMT
content-type: text/plain
content-length: 55
access-control-allow-origin: *
apigw-requestid: f0sprhYKPHcEJGg=
X-Firefox-Spdy: h2

csp-report-to.web3.storage/

52.42.78.127

200 OK

55 B

URL HTTP/2
csp-report-to.web3.storage/
IP
52.42.78.127:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
55 B (55 bytes)
Hash
aa74a1849509e28d51c557d416cc045e
04b375bf2217f87373e6eb8b2fc7b6d2157930f6
d9d3517486c4b91c223148e42e5ce7892033e3b10d08844cb2434e3c969d0c1b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST / HTTP/1.1
Host: csp-report-to.web3.storage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 780
Origin: https://bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 16:56:29 GMT
content-type: text/plain
content-length: 55
access-control-allow-origin: *
apigw-requestid: f0sprhj1PHcEJ7Q=
X-Firefox-Spdy: h2

csp-report-to.web3.storage/

52.42.78.127

200 OK

55 B

URL HTTP/2
csp-report-to.web3.storage/
IP
52.42.78.127:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
55 B (55 bytes)
Hash
aa74a1849509e28d51c557d416cc045e
04b375bf2217f87373e6eb8b2fc7b6d2157930f6
d9d3517486c4b91c223148e42e5ce7892033e3b10d08844cb2434e3c969d0c1b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST / HTTP/1.1
Host: csp-report-to.web3.storage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 787
Origin: https://bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 16:56:29 GMT
content-type: text/plain
content-length: 55
access-control-allow-origin: *
apigw-requestid: f0spti6-PHcEJEQ=
X-Firefox-Spdy: h2

csp-report-to.web3.storage/

52.42.78.127

200 OK

55 B

URL HTTP/2
csp-report-to.web3.storage/
IP
52.42.78.127:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
55 B (55 bytes)
Hash
aa74a1849509e28d51c557d416cc045e
04b375bf2217f87373e6eb8b2fc7b6d2157930f6
d9d3517486c4b91c223148e42e5ce7892033e3b10d08844cb2434e3c969d0c1b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST / HTTP/1.1
Host: csp-report-to.web3.storage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 808
Origin: https://bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 16:56:29 GMT
content-type: text/plain
content-length: 55
access-control-allow-origin: *
apigw-requestid: f0spthwlPHcEJ_Q=
X-Firefox-Spdy: h2

csp-report-to.web3.storage/

52.42.78.127

200 OK

55 B

URL HTTP/2
csp-report-to.web3.storage/
IP
52.42.78.127:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
55 B (55 bytes)
Hash
aa74a1849509e28d51c557d416cc045e
04b375bf2217f87373e6eb8b2fc7b6d2157930f6
d9d3517486c4b91c223148e42e5ce7892033e3b10d08844cb2434e3c969d0c1b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST / HTTP/1.1
Host: csp-report-to.web3.storage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 849
Origin: https://bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 16:56:29 GMT
content-type: text/plain
content-length: 55
access-control-allow-origin: *
apigw-requestid: f0sptir_PHcEJ4A=
X-Firefox-Spdy: h2

csp-report-to.web3.storage/

52.42.78.127

200 OK

55 B

URL HTTP/2
csp-report-to.web3.storage/
IP
52.42.78.127:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
55 B (55 bytes)
Hash
aa74a1849509e28d51c557d416cc045e
04b375bf2217f87373e6eb8b2fc7b6d2157930f6
d9d3517486c4b91c223148e42e5ce7892033e3b10d08844cb2434e3c969d0c1b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST / HTTP/1.1
Host: csp-report-to.web3.storage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 757
Origin: https://bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 16:56:29 GMT
content-type: text/plain
content-length: 55
access-control-allow-origin: *
apigw-requestid: f0sptgGDvHcEJqA=
X-Firefox-Spdy: h2

csp-report-to.web3.storage/

52.42.78.127

200 OK

55 B

URL HTTP/2
csp-report-to.web3.storage/
IP
52.42.78.127:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
55 B (55 bytes)
Hash
aa74a1849509e28d51c557d416cc045e
04b375bf2217f87373e6eb8b2fc7b6d2157930f6
d9d3517486c4b91c223148e42e5ce7892033e3b10d08844cb2434e3c969d0c1b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST / HTTP/1.1
Host: csp-report-to.web3.storage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 776
Origin: https://bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 16:56:29 GMT
content-type: text/plain
content-length: 55
access-control-allow-origin: *
apigw-requestid: f0sptgFxPHcEJQQ=
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12231
Expires: Sat, 04 Feb 2023 20:20:21 GMT
Date: Sat, 04 Feb 2023 16:56:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12231
Expires: Sat, 04 Feb 2023 20:20:21 GMT
Date: Sat, 04 Feb 2023 16:56:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12231
Expires: Sat, 04 Feb 2023 20:20:21 GMT
Date: Sat, 04 Feb 2023 16:56:30 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5174 bytes)
Hash
e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 67569
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10253 bytes)
Hash
392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 67558
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8527 bytes)
Hash
6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 67557
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 68906
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9141 bytes)
Hash
f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 67380
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9349 bytes)
Hash
4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:20:43 GMT
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
age: 59747
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/Sharing%20Link%20Validation_files/microsoft-logo.png

104.18.22.52

502 Bad Gateway

11 B

URL HTTP/2
bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/Sharing%20Link%20Validation_files/microsoft-logo.png
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
50eeaf590dac7639a660d8ba98d009d8
1441dfefc56da793cac98a5a9ac61946d8b9496d
8bc36331ef8b0fc6c198c090bdd4acc3c01185392d2c4d4cd1963fc8b00bde11

Detections

Analyzer	Verdict	Alert
openphish	Generic/Spear Phishing
phishtank	Other

HTTP Headers

GET /Sharing%20Link%20Validation_files/microsoft-logo.png HTTP/1.1
Host: bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 502 Bad Gateway
date: Sat, 04 Feb 2023 16:56:30 GMT
content-type: text/html
content-length: 11
access-control-allow-origin: *
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=1584
vary: Accept-Encoding
server: cloudflare
cf-ray: 7944f09d6a090afa-OSL
X-Firefox-Spdy: h2

bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/Sharing%20Link%20Validation_files/spoguestaccess-f3cad398.js

104.18.22.52

502 Bad Gateway

11 B

URL HTTP/2
bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/Sharing%20Link%20Validation_files/spoguestaccess-f3cad398.js
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
50eeaf590dac7639a660d8ba98d009d8
1441dfefc56da793cac98a5a9ac61946d8b9496d
8bc36331ef8b0fc6c198c090bdd4acc3c01185392d2c4d4cd1963fc8b00bde11

Detections

Analyzer	Verdict	Alert
openphish	Generic/Spear Phishing
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /Sharing%20Link%20Validation_files/spoguestaccess-f3cad398.js HTTP/1.1
Host: bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 502 Bad Gateway
date: Sat, 04 Feb 2023 16:56:30 GMT
content-type: text/html
content-length: 11
access-control-allow-origin: *
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=1660
vary: Accept-Encoding
server: cloudflare
cf-ray: 7944f09d5a080afa-OSL
X-Firefox-Spdy: h2

bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/

104.18.22.52

200 OK

0 B

URL HTTP/2
bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Generic/Spear Phishing
phishtank	Other
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 04 Feb 2023 16:56:28 GMT
content-type: text/html
cf-ray: 7944f0997e9c0afa-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreig6tlc4szipcxtmpxln5ds7q3nne6q2njdyiuukv3ojyqdxhxtmay"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://tableland.network https://*.tableland.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=519
x-dotstorage-anchor: f118dba36a9a4762b6b6c97ac89f34b6c3249c15e7ad979979a181ac5844bccd
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 1.5.3
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.18.22.52

200 OK

0 B

URL HTTP/2
bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Generic/Spear Phishing
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bafybeih257uyiyeherzflk7swj2jukajbtrassbw75uswn7yt5sqozocfm.ipfs.w3s.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 16:56:29 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 16:56:26 GMT
etag: W/"63dd3cba-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7944f09d6a0c0afa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 06 Feb 2023 16:56:29 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (38)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN