Report - privacy-violation-form.ml/

Report Overview

Submitted URL
privacy-violation-form.ml/
IP
213.142.157.69
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi
Submitted
2022-09-07 05:31:46
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
privacy-violation-form.ml	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.3 kB	228 kB	213.142.157.69
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	87 kB	142.250.74.163
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	439 B	2.0 kB	142.250.74.10
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.38.227.80
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	61 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-07	medium	privacy-violation-form.ml/	Phishing
2022-09-07	medium	privacy-violation-form.ml/	Phishing
2022-09-07	medium	privacy-violation-form.ml/assets/js/breakpoints.min.js	Phishing
2022-09-07	medium	privacy-violation-form.ml/assets/js/jquery.scrolly.min.js	Phishing
2022-09-07	medium	privacy-violation-form.ml/assets/js/jquery.scrollex.min.js	Phishing
2022-09-07	medium	privacy-violation-form.ml/assets/js/browser.min.js	Phishing
2022-09-07	medium	privacy-violation-form.ml/assets/js/util.js	Phishing
2022-09-07	medium	privacy-violation-form.ml/assets/js/main.js	Phishing
2022-09-07	medium	privacy-violation-form.ml/assets/js/jquery.min.js	Phishing
2022-09-07	medium	privacy-violation-form.ml/assets/webfonts/fa-solid-900.woff2	Phishing
2022-09-07	medium	privacy-violation-form.ml/assets/webfonts/fa-brands-400.woff2	Phishing
2022-09-07	medium	privacy-violation-form.ml/images/K%20png%20white.png/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	privacy-violation-form.ml/assets/js/browser.min.js	1.9 kB	2023-03-07	2024-04-07
Pretty URL privacy-violation-form.ml/assets/js/browser.min.js IP 213.142.157.69 ASN #202505 Netbudur Telekomunikasyon Limited Sirketi Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:19:05 Last Seen2024-04-07 21:48:35 Times Seen121 Hash c07298dd19048a8a69ad97e754dfe8d0 50035478e467fbd9091b217a4672bdaeb508397b 87910d5ed0053d90caf83230a2f1811d8679815da01f7bdec7548e776d7f04c4 Loading...

	privacy-violation-form.ml/assets/js/breakpoints.min.js	2.4 kB	2023-03-07	2024-04-21
Pretty URL privacy-violation-form.ml/assets/js/breakpoints.min.js IP 213.142.157.69 ASN #202505 Netbudur Telekomunikasyon Limited Sirketi Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:19:05 Last Seen2024-04-21 22:43:50 Times Seen205 Hash 81a479eb099e3b187613943b085923b8 bab199b97edb25ed1b07410c6188ff52ea95f5a2 309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52 Loading...

	privacy-violation-form.ml/assets/js/util.js	12 kB	2023-03-07	2024-04-26
Pretty URL privacy-violation-form.ml/assets/js/util.js IP 213.142.157.69 ASN #202505 Netbudur Telekomunikasyon Limited Sirketi Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:00 Last Seen2024-04-26 01:02:16 Times Seen1341 Hash fd2716a7b68ce7748c9676787b61db43 e32e958f74bd5edc4e1fbdd9fa6c30425d3c7954 c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00 Loading...

	privacy-violation-form.ml/assets/js/main.js	5.3 kB	2023-03-07	2023-12-20
Pretty URL privacy-violation-form.ml/assets/js/main.js IP 213.142.157.69 ASN #202505 Netbudur Telekomunikasyon Limited Sirketi Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:19:05 Last Seen2023-12-20 22:41:49 Times Seen5 Hash 27a5e488b821e4924c43d6fefbb28260 8fcb2eb5d7fbe2f5d5d0b468a7f30e7730931e06 f20785465a7789711083b554ccb1ef2b364ddd858945511ae11f8eb18b21fc3a Loading...

	privacy-violation-form.ml/assets/js/jquery.min.js	88 kB	2023-03-07	2024-04-26
Pretty URL privacy-violation-form.ml/assets/js/jquery.min.js IP 213.142.157.69 ASN #202505 Netbudur Telekomunikasyon Limited Sirketi Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-26 07:02:43 Times Seen95561 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	privacy-violation-form.ml/assets/js/jquery.scrollex.min.js	2.3 kB	2023-03-07	2024-04-21
Pretty URL privacy-violation-form.ml/assets/js/jquery.scrollex.min.js IP 213.142.157.69 ASN #202505 Netbudur Telekomunikasyon Limited Sirketi Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:19:05 Last Seen2024-04-21 22:43:50 Times Seen125 Hash f89065e3d988006af9791b44561d7c90 ede14d2a018d6df0ffd13514dc4662724ad8f9c9 fc25b75fb3fc8b42756413be387e0d7a602813125283d2384551961d73ea784e Loading...

	privacy-violation-form.ml/assets/js/jquery.scrolly.min.js	831 B	2023-03-07	2024-04-26
Pretty URL privacy-violation-form.ml/assets/js/jquery.scrolly.min.js IP 213.142.157.69 ASN #202505 Netbudur Telekomunikasyon Limited Sirketi Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:00 Last Seen2024-04-26 01:02:16 Times Seen890 Hash 1ed5a78bde1476875a40f6b9ff44fc14 91ee4deda8189fde4432a8f58cfe3b5f2aed9dcf 8b6571ea2c3631ff50bb4b96e7f9081c6e33ebaadef9cb2ca5955d5e0b625a02 Loading...

HTTP Transactions (49)

URL IP Response Size

privacy-violation-form.ml/

213.142.157.69

301 Moved Permanently

162 B

URL HTTP/1.1
privacy-violation-form.ml/
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 07 Sep 2022 05:31:35 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://privacy-violation-form.ml/

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 05:04:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Nan8PC8lRAHnZcvjXs1Tw0zmkJnw1Em791I2gj4OlHuK5T5jNlceEQ==
Age: 1617

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11938
Expires: Wed, 07 Sep 2022 08:50:34 GMT
Date: Wed, 07 Sep 2022 05:31:36 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZcLsISkdwMTL1cbm1PbGfrl5WTgNQ08GImG-akrOCuOPOB_LHN7k1g==
age: 6302
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 05:31:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
476ea62fdf10ddac38450837ffbafd59
41112e82867aa326161765909cc9d8c00284d92f
5cf08faeb1920c218140c9cb09985a1846cefae0591ed4b90c7bd86fa2547413

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CF08FAEB1920C218140C9CB09985A1846CEFAE0591ED4B90C7BD86FA2547413"
Last-Modified: Sun, 04 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21563
Expires: Wed, 07 Sep 2022 11:30:59 GMT
Date: Wed, 07 Sep 2022 05:31:36 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 07 Sep 2022 04:38:18 GMT
Cache-Control: max-age=3600
Expires: Wed, 07 Sep 2022 04:50:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mdqmK8PiRA6VvWj010Qlq7js8UO56b1FgQ6TAWA9vFWD8ywZIFKTVQ==
Age: 3198

privacy-violation-form.ml/

213.142.157.69

200 OK

928 B

URL HTTP/1.1
privacy-violation-form.ml/
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
928 B (928 bytes)
Hash
e0acb2e59022862e7ce14a52a0bbedf5
a8b4256f28af1a3a019d385e68200d38927f4320
4a830a420d1a9a866639ff4a52ac000b5aaf26c6e0f35855c32764fa5bbd0d7f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 05:31:36 GMT
Content-Type: text/html
Last-Modified: Sun, 07 Aug 2022 10:26:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62ef9340-c33"
X-Powered-By: PleskLin
Content-Encoding: br

privacy-violation-form.ml/css/css2.css

213.142.157.69

404 Not Found

370 B

URL HTTP/1.1
privacy-violation-form.ml/css/css2.css
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
370 B (370 bytes)
Hash
5710ebe5474c1caf7df70c82051e4d4f
d0eafde5f6d43bd42aa20c17ac660710f2e4a524
ccf1580400f4ef832fa3887447ed29d77d37977efdfb8128591622e5bd3b74ba

HTTP Headers

GET /css/css2.css HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privacy-violation-form.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Sep 2022 05:31:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 03 Aug 2022 08:44:32 GMT
ETag: W/"328-5e5523df1b2b2"
Content-Encoding: br

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3326
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 05:31:36 GMT
Last-Modified: Wed, 07 Sep 2022 04:36:10 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

privacy-violation-form.ml/assets/js/breakpoints.min.js

213.142.157.69

200 OK

744 B

URL HTTP/1.1
privacy-violation-form.ml/assets/js/breakpoints.min.js
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
ASCII text, with very long lines (2387), with CRLF, LF line terminators
Size
744 B (744 bytes)
Hash
996b8056fca0d5255f5c43cd6312cc02
8fc5494ff354253405d9cc481f6b35448774c805
1e80ab88fe2495fa911f1e747e4c26119370b53a0c611607976a227b0dcf9201

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/breakpoints.min.js HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privacy-violation-form.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 05:31:36 GMT
Content-Type: application/javascript
Last-Modified: Sun, 07 Aug 2022 10:26:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62ef933f-987"
X-Powered-By: PleskLin
Content-Encoding: br

privacy-violation-form.ml/assets/css/main.css

213.142.157.69

200 OK

10 kB

URL HTTP/1.1
privacy-violation-form.ml/assets/css/main.css
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
ASCII text, with very long lines (514), with CRLF, LF line terminators
Size
10 kB (10049 bytes)
Hash
20cb50c3c070b4123576021af3ce875d
13dc6299aa770a3b4e4064b822ec19b69bf6770a
b17168e6ac4584ba0063420b54deb6789b4dc67dac22f78844a4d02e141c57ba

HTTP Headers

GET /assets/css/main.css HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privacy-violation-form.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 05:31:36 GMT
Content-Type: text/css
Last-Modified: Sun, 14 Aug 2022 19:15:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62f949bb-148b1"
X-Powered-By: PleskLin
Content-Encoding: br

privacy-violation-form.ml/assets/js/jquery.scrolly.min.js

213.142.157.69

200 OK

473 B

URL HTTP/1.1
privacy-violation-form.ml/assets/js/jquery.scrolly.min.js
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
ASCII text, with very long lines (770), with CRLF line terminators
Size
473 B (473 bytes)
Hash
6c405a4863af2477a1fe51da22eea1f2
2c0a1dcbb2a71f42f2883a7f6130f3d413a16605
bd4779061c75f122424af8121653083fa95ed1b7ed26e57ee8faf1ed3ffd4032

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/jquery.scrolly.min.js HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privacy-violation-form.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 05:31:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 07 Aug 2022 10:26:07 GMT
ETag: W/"33f-5e5a4208ecdb4"
X-Powered-By: PleskLin
Content-Encoding: br

privacy-violation-form.ml/assets/js/jquery.scrollex.min.js

213.142.157.69

200 OK

819 B

URL HTTP/1.1
privacy-violation-form.ml/assets/js/jquery.scrollex.min.js
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
ASCII text, with very long lines (2164), with CRLF line terminators
Size
819 B (819 bytes)
Hash
901c2a1aa602893c983064d840da4b52
1f3a56fc36e10982723552857476c4d283af2492
9253bc036a8f961265c71422c5273e0a383af4a6f9a12b841ba1067f9db5d6c9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/jquery.scrollex.min.js HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privacy-violation-form.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 05:31:36 GMT
Content-Type: application/javascript
Last-Modified: Sun, 14 Aug 2022 19:15:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62f949bb-8d1"
X-Powered-By: PleskLin
Content-Encoding: br

privacy-violation-form.ml/assets/js/browser.min.js

213.142.157.69

200 OK

743 B

URL HTTP/1.1
privacy-violation-form.ml/assets/js/browser.min.js
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
ASCII text, with very long lines (1803), with CRLF, LF line terminators
Size
743 B (743 bytes)
Hash
6a65da812d8d4e225f8bc64f537f0305
e567c6980a66586024315a8ebbae0ddc37d1a9ac
9df0398928fbc4d4b9f314b81323f6e618eea35306f973b58e3f1cb584531537

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/browser.min.js HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privacy-violation-form.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 05:31:36 GMT
Content-Type: application/javascript
Last-Modified: Sun, 07 Aug 2022 10:26:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62ef933f-73b"
X-Powered-By: PleskLin
Content-Encoding: br

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 05:31:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

privacy-violation-form.ml/assets/js/util.js

213.142.157.69

200 OK

3.0 kB

URL HTTP/1.1
privacy-violation-form.ml/assets/js/util.js
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
ASCII text, with CRLF line terminators
Size
3.0 kB (3045 bytes)
Hash
539f455f47bd2e84248992146153488c
fbed855f00844372891107236ad90ec12fbe0b4f
f2f77914725e66c7dcc3b4cce31e4222f92c92164d45b188b659ddeafbd2f75c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/util.js HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privacy-violation-form.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 05:31:36 GMT
Content-Type: application/javascript
Last-Modified: Sun, 07 Aug 2022 10:26:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62ef933f-3091"
X-Powered-By: PleskLin
Content-Encoding: br

privacy-violation-form.ml/assets/js/main.js

213.142.157.69

200 OK

1.7 kB

URL HTTP/1.1
privacy-violation-form.ml/assets/js/main.js
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
HTML document, ASCII text, with CRLF line terminators
Size
1.7 kB (1674 bytes)
Hash
66db61de0a7f6e09cd91e77e1243e698
b15f77e9194a3459ca906700df75ed3fe0d1d8b8
516c7694e79daf61859a2d504e6ee69cf0203f4c9e418eb4db934b39886a22ce

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/main.js HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privacy-violation-form.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 05:31:36 GMT
Content-Type: application/javascript
Last-Modified: Sun, 07 Aug 2022 10:26:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62ef933f-14e2"
X-Powered-By: PleskLin
Content-Encoding: br

privacy-violation-form.ml/assets/js/jquery.min.js

213.142.157.69

200 OK

30 kB

URL HTTP/1.1
privacy-violation-form.ml/assets/js/jquery.min.js
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
ASCII text, with very long lines (65451)
Size
30 kB (29897 bytes)
Hash
fa5139b891686482893c13c95457693d
99cbe297a133c91916438261cebf013eb1ff3fd6
c503296b3ffd0acfa196906a4c4b1443034dd7426c86ee95cd735b911efbe459

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/jquery.min.js HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privacy-violation-form.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 05:31:36 GMT
Content-Type: application/javascript
Last-Modified: Sun, 07 Aug 2022 10:26:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62ef933f-15851"
X-Powered-By: PleskLin
Content-Encoding: br

privacy-violation-form.ml/assets/css/fontawesome-all.min.css

213.142.157.69

200 OK

12 kB

URL HTTP/1.1
privacy-violation-form.ml/assets/css/fontawesome-all.min.css
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
ASCII text, with very long lines (55782)
Size
12 kB (11701 bytes)
Hash
b5b532dab7522f07a3ab67c67cdf90f7
0d6109108f06f1d80f27fd40c34a1fef55c93506
70c15b86c6e32057e13312808b8d2c2a978149f4b95e37bc0ad2194ff50b2674

HTTP Headers

GET /assets/css/fontawesome-all.min.css HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privacy-violation-form.ml/assets/css/main.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 05:31:37 GMT
Content-Type: text/css
Last-Modified: Sun, 07 Aug 2022 10:26:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62ef933f-da9f"
X-Powered-By: PleskLin
Content-Encoding: br

fonts.googleapis.com/css?family=Merriweather:300,700,300italic,700italic|Source+Sans+Pro:900

142.250.74.10

200 OK

1.3 kB

URL HTTP/2
fonts.googleapis.com/css?family=Merriweather:300,700,300italic,700italic|Source+Sans+Pro:900
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.3 kB (1251 bytes)
Hash
246fb99e05e4d22a467e67422e7d167d
a2cbe0f58e660283c22fb9cb42728018b776613d
af8cc53e4f6d831d588c8cad4093c0dff56d852eba1e3fca20cb8d9e999f24f3

HTTP Headers

GET /css?family=Merriweather:300,700,300italic,700italic|Source+Sans+Pro:900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privacy-violation-form.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Sep 2022 05:31:37 GMT
date: Wed, 07 Sep 2022 05:31:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 05:31:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

52.38.227.80

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.227.80:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wRl2ZWSgKayTy+jjzpLpVg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 90YIQWSooYUdN2z2d94YgR0/cMw=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 05:31:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2

142.250.74.163

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12408, version 1.0\012- data
Size
12 kB (12408 bytes)
Hash
6e30c013adbc4eba0b94d5431119ea87
9d2a987240fc5b46a3135e8836ee435c5feff333
080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad

HTTP Headers

GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://privacy-violation-form.ml
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 23:36:12 GMT
expires: Sat, 02 Sep 2023 23:36:12 GMT
cache-control: public, max-age=31536000
age: 366925
last-modified: Wed, 27 Apr 2022 16:54:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 05:31:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff2jvzRPA.woff2

142.250.74.163

200 OK

19 kB

URL HTTP/2
fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff2jvzRPA.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 18676, version 1.0\012- data
Size
19 kB (18676 bytes)
Hash
79eb6bb0ffe63bb0667365d99e75db2e
4bbb304268dcb877c6f821879703157bc5f54475
74df84ee4b94b76e5041b266f2d5629b369b9b4f5b3b621d1e6eb99d5df2ae5d

HTTP Headers

GET /s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff2jvzRPA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://privacy-violation-form.ml
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18676
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 23:46:07 GMT
expires: Wed, 06 Sep 2023 23:46:07 GMT
cache-control: public, max-age=31536000
age: 20730
last-modified: Tue, 26 Apr 2022 15:55:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2

142.250.74.163

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 19720, version 1.0\012- data
Size
20 kB (19720 bytes)
Hash
08476bf46dff0e875683be6002075581
a289f83a7bc00cd332175ffa4ad96034acfd3116
75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496

HTTP Headers

GET /s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://privacy-violation-form.ml
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19720
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:59:17 GMT
expires: Wed, 06 Sep 2023 17:59:17 GMT
cache-control: public, max-age=31536000
age: 41540
last-modified: Tue, 26 Apr 2022 15:47:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 05:31:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2

142.250.74.163

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 19752, version 1.0\012- data
Size
20 kB (19752 bytes)
Hash
d62145d4db9cd1736127dbac7665f41b
2687b5ba8ddbafc800abd1208069edcefc0ca8f2
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1

HTTP Headers

GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://privacy-violation-form.ml
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:22:52 GMT
expires: Wed, 06 Sep 2023 17:22:52 GMT
cache-control: public, max-age=31536000
age: 43725
last-modified: Tue, 26 Apr 2022 15:46:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwmRduz8A.woff2

142.250.74.163

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwmRduz8A.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11460, version 1.0\012- data
Size
12 kB (11460 bytes)
Hash
f6034c75c282ecd334b1e91093ea4e76
403bf2477d3a387be092d5ed73c4215dd655bac6
90097c3d40a389059efe7190aef2d547af3bf437977c2c009514470b972ed241

HTTP Headers

GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwmRduz8A.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://privacy-violation-form.ml
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11460
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 00:26:39 GMT
expires: Fri, 01 Sep 2023 00:26:39 GMT
cache-control: public, max-age=31536000
age: 536698
last-modified: Wed, 27 Apr 2022 16:54:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

privacy-violation-form.ml/assets/webfonts/fa-solid-900.woff2

213.142.157.69

200 OK

75 kB

URL HTTP/1.1
privacy-violation-form.ml/assets/webfonts/fa-solid-900.woff2
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
Web Open Font Format (Version 2), TrueType, length 75440, version 329.-1049\012- data
Size
75 kB (75440 bytes)
Hash
b5cf8ae26748570d8fb95a47f46b69e1
07bed153d47f9129a944ee54dd72952deed074c8
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://privacy-violation-form.ml/assets/css/fontawesome-all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 05:31:37 GMT
Content-Type: font/woff2
Content-Length: 75440
Last-Modified: Sun, 07 Aug 2022 10:26:07 GMT
Connection: keep-alive
ETag: "62ef933f-126b0"
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 05:31:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

privacy-violation-form.ml/images/overlay.png

213.142.157.69

404 Not Found

370 B

URL HTTP/1.1
privacy-violation-form.ml/images/overlay.png
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
370 B (370 bytes)
Hash
5710ebe5474c1caf7df70c82051e4d4f
d0eafde5f6d43bd42aa20c17ac660710f2e4a524
ccf1580400f4ef832fa3887447ed29d77d37977efdfb8128591622e5bd3b74ba

HTTP Headers

GET /images/overlay.png HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privacy-violation-form.ml/assets/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Sep 2022 05:31:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 03 Aug 2022 08:44:32 GMT
ETag: W/"328-5e5523df1b2b2"
Content-Encoding: br

privacy-violation-form.ml/images/bg.jpg

213.142.157.69

200 OK

11 kB

URL HTTP/1.1
privacy-violation-form.ml/images/bg.jpg
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced\012- data
Size
11 kB (11252 bytes)
Hash
ef40cabbde8945ae2c49225819e5e060
3ebecf8847cf58050a0997e50798b8c6c641cc79
686d1c22dfeff06840496b4f3baec09f5ea8a728133f2e931515227e87b8e435

HTTP Headers

GET /images/bg.jpg HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privacy-violation-form.ml/assets/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 05:31:37 GMT
Content-Type: image/jpeg
Content-Length: 11252
Last-Modified: Sun, 07 Aug 2022 10:26:07 GMT
Connection: keep-alive
ETag: "62ef933f-2bf4"
X-Powered-By: PleskLin
Accept-Ranges: bytes

privacy-violation-form.ml/assets/webfonts/fa-brands-400.woff2

213.142.157.69

200 OK

74 kB

URL HTTP/1.1
privacy-violation-form.ml/assets/webfonts/fa-brands-400.woff2
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
Web Open Font Format (Version 2), TrueType, length 74508, version 329.-1049\012- data
Size
74 kB (74508 bytes)
Hash
7559b3774a0625e8ca6c0160f8f6cfd8
a403af3337e6207d144b998b9c3bed439af562a9
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://privacy-violation-form.ml/assets/css/fontawesome-all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 05:31:37 GMT
Content-Type: font/woff2
Content-Length: 74508
Last-Modified: Sun, 07 Aug 2022 10:26:07 GMT
Connection: keep-alive
ETag: "62ef933f-1230c"
X-Powered-By: PleskLin
Accept-Ranges: bytes

privacy-violation-form.ml/images/K%20png%20white.png

213.142.157.69

301 Moved Permanently

269 B

URL HTTP/1.1
privacy-violation-form.ml/images/K%20png%20white.png
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
269 B (269 bytes)
Hash
f0adbbdcb8a5a064f43cf7564025ae42
4641e37b6947b8640e6d1bbab96eac789497527f
778934a884f94cd41de0d4274bbecdc0f348444a33cdb725312a2d127c281c71

HTTP Headers

GET /images/K%20png%20white.png HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privacy-violation-form.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 07 Sep 2022 05:31:37 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 269
Connection: keep-alive
Location: https://privacy-violation-form.ml/images/K%20png%20white.png/
X-Powered-By: PleskLin

privacy-violation-form.ml/images/K%20png%20white.png/

213.142.157.69

403 Forbidden

371 B

URL HTTP/1.1
privacy-violation-form.ml/images/K%20png%20white.png/
IP
213.142.157.69:0
ASN
#202505 Netbudur Telekomunikasyon Limited Sirketi

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
371 B (371 bytes)
Hash
b9db254b9275df3fe0037feaf22a1f16
129cd3fdfa0ab45a9bb5a1a7a0f00a5a851472f6
e8f478dcce8a4ce9120323db799ea79c06f5f46d3df4ee5644d88ad5e67d1735

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /images/K%20png%20white.png/ HTTP/1.1
Host: privacy-violation-form.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://privacy-violation-form.ml/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 403 Forbidden
Server: nginx
Date: Wed, 07 Sep 2022 05:31:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 03 Aug 2022 08:44:32 GMT
ETag: W/"31b-5e5523df0cc39"
Content-Encoding: br

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12594
Expires: Wed, 07 Sep 2022 09:01:32 GMT
Date: Wed, 07 Sep 2022 05:31:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12594
Expires: Wed, 07 Sep 2022 09:01:32 GMT
Date: Wed, 07 Sep 2022 05:31:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12594
Expires: Wed, 07 Sep 2022 09:01:32 GMT
Date: Wed, 07 Sep 2022 05:31:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12594
Expires: Wed, 07 Sep 2022 09:01:32 GMT
Date: Wed, 07 Sep 2022 05:31:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12594
Expires: Wed, 07 Sep 2022 09:01:32 GMT
Date: Wed, 07 Sep 2022 05:31:38 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8462 bytes)
Hash
70c964498818242b742575cfa1769b67
cde85fbe83c9e29618edf4e05002bd623e3ab965
bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8462
x-amzn-requestid: d75d69c1-87be-47e2-8684-3c9a25edee2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqYpFL-IAMFukQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdd0-1c6d025672cc490734bb54e4;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yzw88Z7aubNEll7UXkvaIWbftL95Y0UDTMnOEh_uhKqWgNycBA9Adw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:22 GMT
age: 28216
etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74f48f7-6138-4042-9b4c-f63bb036324f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11972 bytes)
Hash
124a0c0a970006aa660031b5e0ec70d9
3dcd7b5ca2cc9ab604df554b341d1e08bffaa3d7
14c5c6aaf110c123037eb860ecc9d386d46af55fe54cb50f9d1ad430f7e0c516

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74f48f7-6138-4042-9b4c-f63bb036324f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11972
x-amzn-requestid: e71daf97-7463-492d-b55a-0eab022d8b05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0nI2G1tIAMFk2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311b89e-7d6c6d1769649d371c505453;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 08:02:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fOWoYZ9FyUKt55cLxVvwCBhX0DzsF2yPaX2Y6USE6OZcNFe3lWyOHA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:42:42 GMT
age: 28136
etag: "3dcd7b5ca2cc9ab604df554b341d1e08bffaa3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2cde93c-0513-450d-8955-bde7c6e24fcb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8501 bytes)
Hash
b8270b1deb7d093ca8add7908bcc5136
d7f050173460584cecb8e280aefeb0e0f3a8c1d6
148080cd0f4f5aafcfc5a9d737dd99e101895f83a177e0dc15d27079cf6b56bb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2cde93c-0513-450d-8955-bde7c6e24fcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8501
x-amzn-requestid: 5424e02c-4ff4-4d45-9e1d-7a43ac9a2d8d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDrvxFRRIAMFfug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bffe-5d1e19c74682a1c950221ece;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:47:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -_7fvry5PiqGos8cS42sr0MXgZzw34IxmsYoQ6ePjLFvtbFU3KWGcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:25 GMT
etag: "d7f050173460584cecb8e280aefeb0e0f3a8c1d6"
content-type: image/jpeg
age: 27613
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb8aa6e-cd0e-437b-8dd5-987975f699c1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9014 bytes)
Hash
7ef4fa1124d22326a35b623fbe8c5265
ef57fc0f565c41e42637ca1a71d3143c20a7c2e6
8dd5cbcd791cf3db88011ac65a1097a491d0fd0e1e52eb879c2ef27f22c2d3aa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb8aa6e-cd0e-437b-8dd5-987975f699c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9014
x-amzn-requestid: 774c43be-0f3a-48c2-8f14-b48b4b09767c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqN9tGsVoAMFVng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d9057-00c7330e5b1d960021691df2;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 04:21:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 77V2cHcwKSvu4b0ikOJ5s3yf-bcK2eh2Sfe85UrhyuRLpzudBO6vXQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:57:28 GMT
age: 23650
etag: "ef57fc0f565c41e42637ca1a71d3143c20a7c2e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8639d630-8c8a-4807-a0b9-15086c24357f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11675 bytes)
Hash
c59fa99ae2913811dc92e67032c57394
de4df8a9282e9cec140c9074a140f72fb3dc896e
bb5841642c985c12489b7b23a2a95571864896eef9a04645e61029f9f6717bdc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8639d630-8c8a-4807-a0b9-15086c24357f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11675
x-amzn-requestid: 4dec6362-eb2a-4cd9-b92e-c569f31b2cc0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3OeFGyboAMFzqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312c459-1506326857a16d2f3bbb231c;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 03:04:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YgSKXkER0MzEbjO3lpl_uMkqf8hB_V1Scbj75aaP2_zxXt_Va-ZaCg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:26 GMT
age: 27612
etag: "de4df8a9282e9cec140c9074a140f72fb3dc896e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff29f2a08-1dd5-4577-ae0d-6852e6e83ba7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5384 bytes)
Hash
6447311cd0f34fb9cde4e21946e0d8af
cfca3a21a33e58f300343f643634c50a924bb6db
e2de947b52e13a0350c5b6904020924b957161d825930677386185a62d2f2401

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff29f2a08-1dd5-4577-ae0d-6852e6e83ba7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5384
x-amzn-requestid: 6888919c-b9fb-43da-a080-0dde24422b4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqZHHA5oAMFjzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdd3-7f32bdc673d113da6e69b413;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FvxWL8FJUrDyhFhyYXIuArDhRgFUyTurACy5-POlVjXeskWas-d2pQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:25 GMT
age: 28213
etag: "cfca3a21a33e58f300343f643634c50a924bb6db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (49)

URL HTTP/1.1

IP

ASN

File type

Size