urlquery - report: natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	Sent bytes	Received bytes	IP
ocsp.pki.goog (2)	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	714	1424	142.250.74.131
contile.services.mozilla.com (1)	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333	229	34.117.237.239
natflixuserapp.com (11)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4983	246972	188.114.97.1
r3.o.lencr.org (7)	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2366	6202	23.36.76.226
ocsp.digicert.com (2)	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682	1594	93.184.220.29
firefox.settings.services.mozilla.com (2)	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782	2374	34.102.187.140
content-signature-2.cdn.mozilla.net (1)	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413	5844	34.160.144.191
push.services.mozilla.com (1)	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606	127	34.214.64.191
img-getpocket.cdn.mozilla.net (7)	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3800	59504	34.120.237.76

Scan Date	Severity	Indicator	Comment
2022-11-27	medium	natflixuserapp.com/	Netflix Inc.
2022-11-27	medium	natflixuserapp.com/	Netflix Inc.
2022-11-27	medium	natflixuserapp.com/	Netflix Inc.
2022-11-27	medium	natflixuserapp.com/	Netflix Inc.
2022-11-27	medium	natflixuserapp.com/	Netflix Inc.
2022-11-27	medium	natflixuserapp.com/	Netflix Inc.
2022-11-27	medium	natflixuserapp.com/	Netflix Inc.
2022-11-27	medium	natflixuserapp.com/	Netflix Inc.
2022-11-27	medium	natflixuserapp.com/	Netflix Inc.
2022-11-29	medium	natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08	Netflix Inc.

Scan Date	Severity	Indicator	Comment
2022-11-29	medium	natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08/	Phishing
2022-11-29	medium	natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08/assets/img/icon.ico	Phishing
2022-11-29	medium	natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08/assets/js/main.js?rand= (...)	Phishing
2022-11-29	medium	natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08/assets/img/check.png?s	Phishing
2022-11-29	medium	natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08/assets/img/globe.png?s	Phishing
2022-11-29	medium	natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08	Phishing

Scan Date	Severity	Indicator	Comment
2022-11-29	medium	natflixuserapp.com	Sinkholed
2022-11-29	medium	natflixuserapp.com	Sinkholed
2022-11-29	medium	natflixuserapp.com	Sinkholed
2022-11-29	medium	natflixuserapp.com	Sinkholed
2022-11-29	medium	natflixuserapp.com	Sinkholed
2022-11-29	medium	natflixuserapp.com	Sinkholed
2022-11-29	medium	natflixuserapp.com	Sinkholed
2022-11-29	medium	natflixuserapp.com	Sinkholed
2022-11-29	medium	natflixuserapp.com	Sinkholed
2022-11-29	medium	natflixuserapp.com	Sinkholed
2022-11-29	medium	natflixuserapp.com	Sinkholed

Date	UQ / IDS / BL	URL	IP
2023-06-02 01:20:42 UTC	0 - 0 - 2	anindayeniden.net/	188.114.96.1
2023-06-02 00:43:55 UTC	0 - 0 - 2	ourtime.convercatioon.workers.dev/	188.114.96.1
2023-06-02 00:18:06 UTC	0 - 0 - 6	telegrunn.pro/6aba0dce29e84da7fefff6aa3a392ed4	188.114.96.1
2023-06-02 00:14:37 UTC	0 - 0 - 27	telegrunn.pro/453c9e680a894e6a3ff59aa36a4cc392/tme	188.114.96.1
2023-06-02 00:13:36 UTC	0 - 0 - 27	telegrunn.pro/dbd1c7fba8fc74a0206be87b6fd707bf/tme	188.114.96.1

Date	UQ / IDS / BL	URL	IP
2023-06-02 01:47:29 UTC	0 - 3 - 0	labibbiadeltuning.altervista.org/wp-content/u (...)	172.67.132.212
2023-06-02 01:38:02 UTC	0 - 4 - 0	be-ride.ru/confirm/a82c8581803b2bc9c073893148 (...)	172.67.157.16
2023-06-02 01:37:56 UTC	0 - 4 - 0	be-ride.ru/confirm/a82c8581803b2bc9c073893148 (...)	104.21.32.249
2023-06-02 01:37:38 UTC	0 - 0 - 0	www.lczrb.com	172.67.201.110
2023-06-02 01:36:14 UTC	0 - 1 - 0	cdn.discordapp.com/attachments/46299637934692 (...)	162.159.129.233

Date	UQ / IDS / BL	URL	IP
2022-11-30 15:34:36 UTC	8 - 0 - 24	natflixuserapp.com/ac27b77292582bc293a51055bf (...)	188.114.96.1
2022-11-29 21:48:49 UTC	8 - 0 - 27	natflixuserapp.com/4175f2ebb265d58c6d8877841d (...)	188.114.96.1
2022-11-29 21:41:43 UTC	8 - 0 - 24	natflixuserapp.com/20cf775fa6b5dfe621ade096f5 (...)	188.114.97.1
2022-11-29 20:18:12 UTC	8 - 0 - 24	natflixuserapp.com/4175f2ebb265d58c6d8877841d (...)	104.21.27.91
2022-11-29 19:02:05 UTC	8 - 0 - 27	natflixuserapp.com/4175f2ebb265d58c6d8877841d (...)	188.114.96.1

Date	UQ / IDS / BL	URL	IP
2023-03-15 08:35:06 UTC	0 - 0 - 5	paypaisecure.paktyqal.com/membership/2290a738 (...)	50.62.141.185
2023-02-11 02:05:37 UTC	0 - 0 - 1	ft.upnvj.ac.id/wp-content/ovlcap/97785e0500ad (...)	103.147.92.50
2023-01-05 18:35:57 UTC	0 - 0 - 3	experiencemoretravel.net/x/24f2f931f12a4d9149 (...)	69.46.30.77
2023-01-05 16:26:10 UTC	0 - 0 - 3	experiencemoretravel.net/x/24f2f931f12a4d9149 (...)	69.46.30.77
2023-01-05 16:25:21 UTC	0 - 0 - 6	ffdghfj.r.bh.d.sendibt3.com/tr/cl/u8elGE23qC- (...)	1.179.112.197

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9296 Expires: Tue, 29 Nov 2022 21:36:50 GMT Date: Tue, 29 Nov 2022 19:01:54 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2d2e7649ce9e9ba6fc8b68aa89352e3c Sha1: 0153d1d3d830a457043e16bb40d48a0b9ddef4b8 Sha256: 8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4842 Cache-Control: max-age=146999 Date: Tue, 29 Nov 2022 19:01:54 GMT Etag: "6385df6f-1d7" Expires: Thu, 01 Dec 2022 11:51:53 GMT Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT Server: ECS (ska/F70D) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 4ed065cb23b5fca1a179dd73b3c5b7b2 Sha1: 4422eb24688f5e056fc1b18b127c7f63b1dbf5e0 Sha256: b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5032 Expires: Tue, 29 Nov 2022 20:25:46 GMT Date: Tue, 29 Nov 2022 19:01:54 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6d9d34c96b9a826ae5676640c966469c Sha1: 8052a16d41a637e420478b7de1ff5a2dc951fccd Sha256: f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 29 Nov 2022 18:17:55 GMT cache-control: public,max-age=3600 age: 2639 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 30db107dcf4380cef05efea409c2e6a3 Sha1: 96e6a306fbc07299aba64e5c14e2bfca35872fa9 Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: R8oMlG2NnRs3PYzEmXKTGjjaBH0syHMKhkD9Pi+KSvHWIdUj7lUgabrvsIm6lO19fAI3U1lNsck= x-amz-request-id: 2EX2M0E1VZT4T0XC content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 29 Nov 2022 18:44:55 GMT age: 1019 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
POST /s/gts1p5/ye6R3pAMzhk HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 19:01:54 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: d8403955b911e1217fdbe398d48ddd06 Sha1: 13eb5ed7245af358b9f99df150241d8d2412a54f Sha256: 0cd75c2f23af08dbca519ae9e85af3734dbdf736ac90b25de84c8afb44ff0ec0
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 29 Nov 2022 19:01:54 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST /s/gts1p5/ye6R3pAMzhk HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 19:01:54 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: d8403955b911e1217fdbe398d48ddd06 Sha1: 13eb5ed7245af358b9f99df150241d8d2412a54f Sha256: 0cd75c2f23af08dbca519ae9e85af3734dbdf736ac90b25de84c8afb44ff0ec0
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 29 Nov 2022 18:08:56 GMT cache-control: public,max-age=3600 age: 3178 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /4175f2ebb265d58c6d8877841d016d08/ HTTP/1.1 Host: natflixuserapp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	188.114.97.1 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Tue, 29 Nov 2022 19:01:54 GMT Transfer-Encoding: chunked Connection: keep-alive Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: PHPSESSID=e9e39500594cf6c23379022756997389; path=/ CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JG%2FJ%2BTX8fCBRPZGaNZdcUtAtrpTdsbsR00WP4WQc8EuHKgsMak1GVMnRfzgoDYH9e2CXKi7OzpDXOV3t2NuwLczNhDL6feg7NDCw7OI4Tf5mL21d5BVyrMC1v%2BJ9%2FEbjBoIhZiY%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 771d98373cf00b45-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators Size: 948 Md5: 4d67cdafed5c0e15e5ee5b898ecbb5b3 Sha1: c526abe699527f1b8d2f03dc272be046f990d19f Sha256: 7916819b7f5a06bdc32363fc9f6ba30398fc19acc4fe8f4cabd505c30851e4d7 Blocklists: - openphish: Netflix Inc. - fortinet: Phishing - quad9: Sinkholed
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2183 Cache-Control: max-age=139277 Date: Tue, 29 Nov 2022 19:01:54 GMT Etag: "6385cba8-1d7" Expires: Thu, 01 Dec 2022 09:43:11 GMT Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT Server: ECS (ska/F70D) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 3c8c689bd654417640d85f3da51af313 Sha1: 85123b6d46230a23d03768bf304b386e5d301305 Sha256: 516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
GET /4175f2ebb265d58c6d8877841d016d08/assets/css/main.css?rand=374142283 HTTP/1.1 Host: natflixuserapp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08/ Cookie: PHPSESSID=e9e39500594cf6c23379022756997389	188.114.97.1 HTTP/1.1 200 OK Content-Type: text/css Date: Tue, 29 Nov 2022 19:01:55 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Tue, 29 Nov 2022 02:31:52 GMT Cache-Control: max-age=14400 CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BaRX9JmU9JFy43%2FavFQ96tLWWgRS4g2W4BbS2zCJmzG63wWtqw5YRrtlZz2qnoCcx3VsAWWgDEeWgkR%2Byzdo1Hr0mxUb4LLCjzeSI7uM973vlBBubZjZHb1zR4p1rz3%2FIZ5bpM%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 771d983998040b45-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 1722 Md5: b6d7b733d5c7cbb442b3f033159578d6 Sha1: 635be44247e60d8aa25009fe8fa86d51ffd68b1d Sha256: 3cfc4a2600c4609ada9640c4d9fd5431a396fbfb9b6b2fcfe5640cfe6fd36acc Blocklists: - quad9: Sinkholed
GET /4175f2ebb265d58c6d8877841d016d08/assets/img/icon.ico HTTP/1.1 Host: natflixuserapp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08/ Cookie: PHPSESSID=e9e39500594cf6c23379022756997389	188.114.97.1 HTTP/1.1 200 OK Content-Type: image/x-icon Date: Tue, 29 Nov 2022 19:01:55 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Tue, 29 Nov 2022 02:31:52 GMT Cache-Control: max-age=14400 CF-Cache-Status: REVALIDATED Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkHczyp1I4afR4N2UilpOvKh956IpwdyC5JkYGRXAjm4PhcqPvKCSmUAMiKVyPMzW6sMDuRGjCGn%2F5qXdeFTFfmtIlvBae9a1LLGmizuiLWrsp3jAIsS%2FOTZwfeuIDJzMp9A%2BvI%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 771d98399e6eb505-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data Size: 1532 Md5: 7a0d24f174045de6f5b9d13273e10917 Sha1: f187b4067506d3bb6a1ec08815fe29f70bfe3e63 Sha256: 33d050df15716cbfcf17ff7690cf0be87a01ff6684eff21306be75c8607bdd8d urlquery: - Phishing - Netflix Blocklists: - openphish: Netflix Inc. - fortinet: Phishing - quad9: Sinkholed
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: hYl20kE6Q1PnPi5SiLEF9w== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	34.214.64.191 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: qNDx0ChruZmYfbCaZqfNKSTzuRA= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /4175f2ebb265d58c6d8877841d016d08/assets/js/main.js?rand=1511255224 HTTP/1.1 Host: natflixuserapp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08/ Cookie: PHPSESSID=e9e39500594cf6c23379022756997389	188.114.97.1 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 29 Nov 2022 19:01:55 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Tue, 29 Nov 2022 02:31:52 GMT Cache-Control: max-age=14400 CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajMCV5QsS3%2B%2FHTuExUJtsNAGtutPrDrnjhSeMdhcyt7ED0%2FhrGU1hF%2BF5ocwfx%2BlwnLRw%2F%2F9I0Ez6p4asFB%2BGgkB8pERDo6YqHVghxcrVXj46%2Fvtx%2FZiNj4OnycCsRteUZPGmy4%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 771d98399ca1b4ee-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (4868) Size: 819 Md5: 07693dbb2d777ac40d843587f298c597 Sha1: b8f95fe7eaed8236f474221dc17e65d02f4f1fab Sha256: d8306c675b2bbba6f27b53b94ec6260a084e7572d12d68861b652f12f7b767ad Blocklists: - openphish: Netflix Inc. - fortinet: Phishing - quad9: Sinkholed
GET /4175f2ebb265d58c6d8877841d016d08/assets/img/logo.png HTTP/1.1 Host: natflixuserapp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08/assets/css/main.css?rand=374142283 Cookie: PHPSESSID=e9e39500594cf6c23379022756997389	188.114.97.1 HTTP/1.1 200 OK Content-Type: image/png Date: Tue, 29 Nov 2022 19:01:55 GMT Content-Length: 8717 Connection: keep-alive Last-Modified: Tue, 29 Nov 2022 02:31:52 GMT Cache-Control: max-age=14400 CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBDMZIrIJUKrk7y%2F%2F1v2MkyMiSo7R1OCpQJUz5QHYmMtVJzqtBjJbDaq2qRwtSYZKjpiqmpPTI5BJwUMcrfAckX%2B%2BGznXcuV0FqQzz%2BPZjmf7V8MsbgNke3b2WN3KhCYVyYSo60%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 771d983b3e72b4ee-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: PNG image data, 600 x 300, 8-bit/color RGBA, non-interlaced\012- data Size: 8717 Md5: ed0265f59f0af5ca84c4e0caa17d8562 Sha1: 1a974e812b534924bc17850df81f18fae4176fc1 Sha256: 4d4054a533373a85d24d65f5290ca306133f3c22f0b2d7b71a742a277d0f7a49 urlquery: - Phishing - Netflix Blocklists: - openphish: Netflix Inc. - quad9: Sinkholed
GET /4175f2ebb265d58c6d8877841d016d08/assets/img/background-medium.jpg HTTP/1.1 Host: natflixuserapp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08/assets/css/main.css?rand=374142283 Cookie: PHPSESSID=e9e39500594cf6c23379022756997389	188.114.97.1 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Tue, 29 Nov 2022 19:01:55 GMT Content-Length: 220400 Connection: keep-alive Last-Modified: Tue, 29 Nov 2022 02:31:52 GMT Cache-Control: max-age=14400 CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htBLZpUwujvnRsuk0A83h9Cffqn5EqVObbH6z23m9bSunw6QZQ2litVH2wUSjRc3uUyfbk1dVG2B9zNhs3Xd0b2wnaPrKdFzJqXsE35YHaFnZXu6zM5u7jgBnLbrweSfV83P360%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 771d983b38f0b505-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1125, components 3\012- data Size: 220400 Md5: f9eb0728c81335944cc74b2686eec94c Sha1: 37a0c0f36f56425c0e0221bb8df7eda65857fe59 Sha256: 847566a3fa53dae674a15ccd5dcb40087e2cf1935a1a9a6294702be812c0df53 urlquery: - Phishing - Netflix Blocklists: - openphish: Netflix Inc. - quad9: Sinkholed
GET /4175f2ebb265d58c6d8877841d016d08/assets/img/check.png?s HTTP/1.1 Host: natflixuserapp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08/assets/css/main.css?rand=374142283 Cookie: PHPSESSID=e9e39500594cf6c23379022756997389	188.114.97.1 HTTP/1.1 200 OK Content-Type: image/png Date: Tue, 29 Nov 2022 19:01:55 GMT Content-Length: 577 Connection: keep-alive Last-Modified: Tue, 29 Nov 2022 02:31:52 GMT Cache-Control: max-age=14400 CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2QDjckhTa9Ce%2FgYm2AvO935PrjyIdrzUImJlWv26goQev%2BFhHN0RlmsVAyvlK8EZvHphqqh%2Fs83FEku%2FY6f1Bu8gv7GtsfifGCcIDNVqmNz28%2B%2BMTGCPUrhDIBjEz0BaBTDDh8%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 771d983b49f40b45-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data Size: 577 Md5: 5dad6d86fb620671bb4920cfc7de5444 Sha1: 0643cf2d26dfeefb4a75ea02b580999ac2c8a902 Sha256: f556fb3c64c1e81e81311450d0993f90dd52484410c8b19f7fe25501a1fb56c4 urlquery: - Phishing - Netflix Blocklists: - openphish: Netflix Inc. - fortinet: Phishing - quad9: Sinkholed
GET /4175f2ebb265d58c6d8877841d016d08/assets/img/globe.png?s HTTP/1.1 Host: natflixuserapp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08/assets/css/main.css?rand=374142283 Cookie: PHPSESSID=e9e39500594cf6c23379022756997389	188.114.97.1 HTTP/1.1 200 OK Content-Type: image/png Date: Tue, 29 Nov 2022 19:01:55 GMT Content-Length: 2540 Connection: keep-alive Last-Modified: Tue, 29 Nov 2022 02:31:52 GMT Cache-Control: max-age=14400 CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nb8hTUprmeVRveWKvJ8JgDTK2Vom%2Bxp1aIOWb5HR3bOUZIX%2FFK6hI20lZP1ksj4bMlXxtK0KnsjzyljlM%2BVvNHiZgl7xIVm3QeXLu05KsyafIh2YNVQwEIB3IxMaUDJXjeuG%2BEE%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 771d983b4a5db4fa-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data Size: 2540 Md5: 8200b2cd56e0e58b411215804c51144f Sha1: 16143fc516f831afab8df9d634c74204fbdffddd Sha256: 4442aacdd8b7f2368c235a92f6559b1d807231cb30c9409abe8a0f744dc9e8c5 urlquery: - Phishing - Netflix Blocklists: - openphish: Netflix Inc. - fortinet: Phishing - quad9: Sinkholed
GET /4175f2ebb265d58c6d8877841d016d08/assets/img/down.png HTTP/1.1 Host: natflixuserapp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08/assets/css/main.css?rand=374142283 Cookie: PHPSESSID=e9e39500594cf6c23379022756997389	188.114.97.1 HTTP/1.1 200 OK Content-Type: image/png Date: Tue, 29 Nov 2022 19:01:55 GMT Content-Length: 634 Connection: keep-alive Last-Modified: Tue, 29 Nov 2022 02:31:52 GMT Cache-Control: max-age=14400 CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EjKGLSP%2FJnXLmqJKFT86FSB0AuNANOKsL7KQwosrCUepZy08J4HsMDcsKZdr7URtkJy4PAYeUXWRozsrXkpBySI7ssDvd9QT72VMCYD1IS0d2nJMrcpCNi0eGShi8145rx7vp8%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 771d983b4f9f0afa-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data Size: 634 Md5: 7df34e49f20a6ff3335b357e8833395e Sha1: 4daf672970638dce7a18aeaf3cd8372f2e301f27 Sha256: 76fda49610478440b5b123d15bb4d3510ab771ab27b0b881565887b7bcf6a0c6 urlquery: - Phishing - Netflix Blocklists: - openphish: Netflix Inc. - quad9: Sinkholed
GET /4175f2ebb265d58c6d8877841d016d08/assets/img/fb.png HTTP/1.1 Host: natflixuserapp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08/assets/css/main.css?rand=374142283 Cookie: PHPSESSID=e9e39500594cf6c23379022756997389	188.114.97.1 HTTP/1.1 200 OK Content-Type: image/png Date: Tue, 29 Nov 2022 19:01:55 GMT Content-Length: 1455 Connection: keep-alive Last-Modified: Tue, 29 Nov 2022 02:31:52 GMT Cache-Control: max-age=14400 CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mv%2B6SgKCkkVYrru%2Bc7Eycrz7Jo%2FJYkWsoFdpvLQKQlTzGQPslq2P2Ea20nuc6VwFJzHHCEkon5nrcFXkhGShSHmZ5eI8opvgwV5GVy2h%2FNRdNT1ZOPSc70vJ5VtGN5Iha%2B8nv9c%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 771d983b493fb515-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced\012- data Size: 1455 Md5: a33ca47ef110b6e3ec5086b8776407d3 Sha1: dff5bbbe61b4920a23fb21a7fca69ca9e94dcb6c Sha256: 3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece urlquery: - Phishing - Netflix Blocklists: - openphish: Netflix Inc. - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9239 Expires: Tue, 29 Nov 2022 21:35:55 GMT Date: Tue, 29 Nov 2022 19:01:56 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a97c452e75cf1d4833e777d7ba7f2c47 Sha1: 58f15763fd33f742ce870f49f1c2dbed5b41205f Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9239 Expires: Tue, 29 Nov 2022 21:35:55 GMT Date: Tue, 29 Nov 2022 19:01:56 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a97c452e75cf1d4833e777d7ba7f2c47 Sha1: 58f15763fd33f742ce870f49f1c2dbed5b41205f Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9239 Expires: Tue, 29 Nov 2022 21:35:55 GMT Date: Tue, 29 Nov 2022 19:01:56 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a97c452e75cf1d4833e777d7ba7f2c47 Sha1: 58f15763fd33f742ce870f49f1c2dbed5b41205f Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9239 Expires: Tue, 29 Nov 2022 21:35:55 GMT Date: Tue, 29 Nov 2022 19:01:56 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a97c452e75cf1d4833e777d7ba7f2c47 Sha1: 58f15763fd33f742ce870f49f1c2dbed5b41205f Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9239 Expires: Tue, 29 Nov 2022 21:35:55 GMT Date: Tue, 29 Nov 2022 19:01:56 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a97c452e75cf1d4833e777d7ba7f2c47 Sha1: 58f15763fd33f742ce870f49f1c2dbed5b41205f Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10176 x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cMpbgEFOIAMF71A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g== via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 04:52:21 GMT age: 50975 etag: "772d86ad983042a728ee3490630a9cf1134ad0dd" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10176 Md5: 03014221d7f49b50ffc2d1b0a0e75457 Sha1: 772d86ad983042a728ee3490630a9cf1134ad0dd Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9430 x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cR7wyGCIIAMFhgw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 02:55:32 GMT age: 57984 etag: "075531f525e625b117b2497f31139c9824d0e9c5" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9430 Md5: 1f434933b5bd6377d299ada22d1ae7ef Sha1: 075531f525e625b117b2497f31139c9824d0e9c5 Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4916 x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cPYcrELFoAMFaeQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 03:01:17 GMT age: 57639 etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4916 Md5: 83c1fedec73299637cc7dc47c48af758 Sha1: 2e3f7326aeea6be8a34bf2c39b34862c07bfdc41 Sha256: 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4417 x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cVNnGEcRIAMFaXA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0 x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 21:50:08 GMT age: 76308 etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4417 Md5: a2a5c8d4113d282600462749315f2c4f Sha1: e2b4d2e15bb7c086333c0da438873e4c139ba931 Sha256: 9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8921 x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cVNnwFYToAMFoWg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0 x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: awi49MMMlK51wHPbyBrBkL4N4g9lX3ea40LxyrYbYxe_FsfqelTcTQ== via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 21:57:05 GMT etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29" age: 75891 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8921 Md5: 823e92f62ff7b3c2093828817d7f2866 Sha1: c501de9eaa581a10b0b5fce40b54bb10f57f7c29 Sha256: 7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4871 x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLDUUEy_oAMFgSQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 9BUuT9WFwAQMnl8JiTDKo-zHgDL0AdjAAAIh0Mx405zbGwhvRouebQ== via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 12:20:15 GMT age: 24101 etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4871 Md5: a4058fd62595d15c58b3d3266de9865a Sha1: d0dff35eb78f129b5da407043037bcf9c27e55c0 Sha256: ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9376 x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cPmz3EVUoAMFWUw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ== via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 21:58:57 GMT age: 75786 etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9376 Md5: cce27a1fe8c0222811a5ce0e7f89e1cb Sha1: 28c165bac8cf68cd1b0763c311aece00672cb3a5 Sha256: 4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
GET /4175f2ebb265d58c6d8877841d016d08 HTTP/1.1 Host: natflixuserapp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	188.114.96.1 HTTP/2 301 Moved Permanently content-type: text/html; charset=iso-8859-1 date: Tue, 29 Nov 2022 19:01:54 GMT location: http://natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08/ cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9%2FGd2bL3yXMdbzjE1q12hGsTKFQuAsR3lHl5ssCplUrbrEKMxPo0NpcUPAJZOcWOT7864Xs4Ibt7fddZC5yjwJPSHFnGPppiuSpEr2MxTWEzId%2FJ%2FjTKwD%2FwXuBDlUNkEPPZlw%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 771d9835a803b505-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256: Blocklists: - openphish: Netflix Inc. - fortinet: Phishing - quad9: Sinkholed

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.36.76.226

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC" 

                                            
                                                
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=9296 

                                            
                                                
Expires: Tue, 29 Nov 2022 21:36:50 GMT 

                                            
                                                
Date: Tue, 29 Nov 2022 19:01:54 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    2d2e7649ce9e9ba6fc8b68aa89352e3c

                                                Sha1:   0153d1d3d830a457043e16bb40d48a0b9ddef4b8

                                                Sha256: 8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.36.76.226

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C" 

                                            
                                                
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=5032 

                                            
                                                
Expires: Tue, 29 Nov 2022 20:25:46 GMT 

                                            
                                                
Date: Tue, 29 Nov 2022 19:01:54 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    6d9d34c96b9a826ae5676640c966469c

                                                Sha1:   8052a16d41a637e420478b7de1ff5a2dc951fccd

                                                Sha256: f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.160.144.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: binary/octet-stream

                                            

                                            
                                                
x-amz-id-2: R8oMlG2NnRs3PYzEmXKTGjjaBH0syHMKhkD9Pi+KSvHWIdUj7lUgabrvsIm6lO19fAI3U1lNsck= 

                                            
                                                
x-amz-request-id: 2EX2M0E1VZT4T0XC 

                                            
                                                
content-disposition: attachment 

                                            
                                                
accept-ranges: bytes 

                                            
                                                
server: AmazonS3 

                                            
                                                
content-length: 5348 

                                            
                                                
via: 1.1 google 

                                            
                                                
date: Tue, 29 Nov 2022 18:44:55 GMT 

                                            
                                                
age: 1019 

                                            
                                                
last-modified: Thu, 10 Nov 2022 09:21:27 GMT 

                                            
                                                
etag: "9ebddc2b260d081ebbefee47c037cb28" 

                                            
                                                
cache-control: public,max-age=3600 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    9ebddc2b260d081ebbefee47c037cb28

                                                Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39

                                                Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.117.237.239

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Tue, 29 Nov 2022 19:01:54 GMT 

                                            
                                                
content-length: 12 

                                            
                                                
strict-transport-security: max-age=31536000 

                                            
                                                
via: 1.1 google 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.102.187.140

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json

                                            

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert 

                                            
                                                
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                            
                                                
strict-transport-security: max-age=31536000 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
content-length: 329 

                                            
                                                
via: 1.1 google 

                                            
                                                
date: Tue, 29 Nov 2022 18:08:56 GMT 

                                            
                                                
cache-control: public,max-age=3600 

                                            
                                                
age: 3178 

                                            
                                                
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                            
                                                
etag: "1648230346554" 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             93.184.220.29

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Accept-Ranges: bytes 

                                            
                                                
Age: 2183 

                                            
                                                
Cache-Control: max-age=139277 

                                            
                                                
Date: Tue, 29 Nov 2022 19:01:54 GMT 

                                            
                                                
Etag: "6385cba8-1d7" 

                                            
                                                
Expires: Thu, 01 Dec 2022 09:43:11 GMT 

                                            
                                                
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT 

                                            
                                                
Server: ECS (ska/F70D) 

                                            
                                                
X-Cache: HIT 

                                            
                                                
Content-Length: 471 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   471

                                                Md5:    3c8c689bd654417640d85f3da51af313

                                                Sha1:   85123b6d46230a23d03768bf304b386e5d301305

                                                Sha256: 516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.36.76.226

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" 

                                            
                                                
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=9239 

                                            
                                                
Expires: Tue, 29 Nov 2022 21:35:55 GMT 

                                            
                                                
Date: Tue, 29 Nov 2022 19:01:56 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    a97c452e75cf1d4833e777d7ba7f2c47

                                                Sha1:   58f15763fd33f742ce870f49f1c2dbed5b41205f

                                                Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.36.76.226

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" 

                                            
                                                
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=9239 

                                            
                                                
Expires: Tue, 29 Nov 2022 21:35:55 GMT 

                                            
                                                
Date: Tue, 29 Nov 2022 19:01:56 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    a97c452e75cf1d4833e777d7ba7f2c47

                                                Sha1:   58f15763fd33f742ce870f49f1c2dbed5b41205f

                                                Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: image/jpeg

                                            

                                            
                                                
server: nginx 

                                            
                                                
content-length: 10176 

                                            
                                                
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0 

                                            
                                                
x-xss-protection: 1; mode=block 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                            
                                                
x-frame-options: DENY 

                                            
                                                
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                            
                                                
x-amz-apigw-id: cMpbgEFOIAMF71A= 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0 

                                            
                                                
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT 

                                            
                                                
x-amz-cf-pop: SEA19-C2 

                                            
                                                
x-cache: Miss from cloudfront 

                                            
                                                
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g== 

                                            
                                                
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google 

                                            
                                                
date: Tue, 29 Nov 2022 04:52:21 GMT 

                                            
                                                
age: 50975 

                                            
                                                
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd" 

                                            
                                                
cache-control: max-age=3600,public,public 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10176

                                                Md5:    03014221d7f49b50ffc2d1b0a0e75457

                                                Sha1:   772d86ad983042a728ee3490630a9cf1134ad0dd

                                                Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: image/jpeg

                                            

                                            
                                                
server: nginx 

                                            
                                                
content-length: 4916 

                                            
                                                
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692 

                                            
                                                
x-xss-protection: 1; mode=block 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                            
                                                
x-frame-options: DENY 

                                            
                                                
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                            
                                                
x-amz-apigw-id: cPYcrELFoAMFaeQ= 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0 

                                            
                                                
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT 

                                            
                                                
x-amz-cf-pop: SEA19-C2 

                                            
                                                
x-cache: Miss from cloudfront 

                                            
                                                
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg== 

                                            
                                                
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google 

                                            
                                                
date: Tue, 29 Nov 2022 03:01:17 GMT 

                                            
                                                
age: 57639 

                                            
                                                
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41" 

                                            
                                                
cache-control: max-age=3600,public,public 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   4916

                                                Md5:    83c1fedec73299637cc7dc47c48af758

                                                Sha1:   2e3f7326aeea6be8a34bf2c39b34862c07bfdc41

                                                Sha256: 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: image/jpeg

                                            

                                            
                                                
server: nginx 

                                            
                                                
content-length: 8921 

                                            
                                                
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94 

                                            
                                                
x-xss-protection: 1; mode=block 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                            
                                                
x-frame-options: DENY 

                                            
                                                
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                            
                                                
x-amz-apigw-id: cVNnwFYToAMFoWg= 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0 

                                            
                                                
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT 

                                            
                                                
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                            
                                                
x-cache: Miss from cloudfront 

                                            
                                                
x-amz-cf-id: awi49MMMlK51wHPbyBrBkL4N4g9lX3ea40LxyrYbYxe_FsfqelTcTQ== 

                                            
                                                
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google 

                                            
                                                
date: Mon, 28 Nov 2022 21:57:05 GMT 

                                            
                                                
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29" 

                                            
                                                
age: 75891 

                                            
                                                
cache-control: max-age=3600,public,public 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8921

                                                Md5:    823e92f62ff7b3c2093828817d7f2866

                                                Sha1:   c501de9eaa581a10b0b5fce40b54bb10f57f7c29

                                                Sha256: 7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             34.120.237.76

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: image/jpeg

                                            

                                            
                                                
server: nginx 

                                            
                                                
content-length: 9376 

                                            
                                                
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a 

                                            
                                                
x-xss-protection: 1; mode=block 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                            
                                                
x-frame-options: DENY 

                                            
                                                
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                            
                                                
x-amz-apigw-id: cPmz3EVUoAMFWUw= 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0 

                                            
                                                
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT 

                                            
                                                
x-amz-cf-pop: SEA19-C2 

                                            
                                                
x-cache: Miss from cloudfront 

                                            
                                                
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ== 

                                            
                                                
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google 

                                            
                                                
date: Mon, 28 Nov 2022 21:58:57 GMT 

                                            
                                                
age: 75786 

                                            
                                                
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5" 

                                            
                                                
cache-control: max-age=3600,public,public 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9376

                                                Md5:    cce27a1fe8c0222811a5ce0e7f89e1cb

                                                Sha1:   28c165bac8cf68cd1b0763c311aece00672cb3a5

                                                Sha256: 4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e

URL	natflixuserapp.com/4175f2ebb265d58c6d8877841d016d08
IP	188.114.96.1 (Colombia)
ASN	#13335 CLOUDFLARENET
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access
Report completed	2022-11-29 19:02:05 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	27
urlquery alerts	8 Phishing - Netflix
Tags	None

Overview

Domain Summary (9)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 188.114.96.1

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: natflixuserapp.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (1)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (34)

Overview

Domain Summary (9)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 188.114.96.1

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: natflixuserapp.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (1)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (34)

Network Intrusion Detection Systems