Report - ci.asigno.ro/css

Report Overview

Submitted URL
ci.asigno.ro/css
IP
86.105.198.149
ASN
#43459 Sc Maguay Impex Srl
Submitted
2022-12-19 04:03:39
Access
Website Title
Final URL
Tags
ups logistic phishing
urlquery detections
Phishing - UPS

Detections

urlquery
7
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	35.163.1.35
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.8 kB	75 kB	34.120.237.76
arocks.tech	unknown	2022-11-25T21:10:28Z	2022-12-20T04:32:49Z	10 kB	428 kB	172.67.155.162
ci.asigno.ro	unknown	2021-10-29T21:05:42Z	2023-01-25T14:39:40Z	1.6 kB	1.7 kB	86.105.198.149
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	3.0 kB	8.0 kB	95.101.11.115
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	341 B	797 B	93.184.220.29
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	714 B	1.4 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	arocks.tech/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-07-27
Pretty URL arocks.tech/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 172.67.155.162 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-07-27 03:41:27 Times Seen49992 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915	89 B	2023-03-09	2023-03-09
Pretty URL arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915 IP 172.67.155.162 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:30:42 Last Seen2023-03-09 17:30:42 Times Seen1 Hash 406f4ceedbcbb3c6360e7e02f8399643 1cf41550e27910a48acf179d4aab558408390f85 6ecf080f72ca9a924199c37ed75628da04fe3b0f6589130af1b00e4e35e71d54 Loading...

	arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915	73 B	2023-03-07	2024-07-24
Pretty URL arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915 IP 172.67.155.162 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:56:46 Last Seen2024-07-24 00:51:40 Times Seen391 Hash 6a357fe9220b932dba9a2b59c78f36e9 692b6eca37d480d5ec28b3e4c1fdbb5958ed619b 883cb510e324b3c86e1148bac20b6151d8369a3d0f29ac38eed3dc242fa5ddf7 Loading...

HTTP Transactions (54)

URL IP Response Size

ci.asigno.ro/css

86.105.198.149

302 Found

208 B

URL HTTP/1.1
ci.asigno.ro/css
IP
86.105.198.149:0
ASN
#43459 Sc Maguay Impex Srl

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
208 B (208 bytes)
Hash
1e4de38a9c61ec05dbc32907e0940a2a
0466d8511a44e1b68a09abe75fd44438219f8191
712b8ed62250719eeebf79f79ec35d74d0650a95b6867daf7aebabc1d77fa28a

HTTP Headers

GET /css HTTP/1.1
Host: ci.asigno.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Mon, 19 Dec 2022 04:03:28 GMT
Server: Apache
Location: https://ci.asigno.ro/css
Content-Length: 208
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4cbb89840b57466fcbc0b31305c9dc47
c2c08a7a243a3f7972e8068c448488cac6d2519f
5f871ffd142470f132fed1c93f5f1a7fe6a5ecc3b4311d3d47555fce1d9a35f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F871FFD142470F132FED1C93F5F1A7FE6A5ECC3B4311D3D47555FCE1D9A35F1"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2159
Expires: Mon, 19 Dec 2022 04:39:27 GMT
Date: Mon, 19 Dec 2022 04:03:28 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
460af93786e1eaa666f135e6c3fdc634
bc8aeba36225c79718f5de73d79928fe817c5490
471f4e7ae29bcf6ba1f749c0f5d4ab446cebfac5aa80c3e19c6edf21be456eb5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "471F4E7AE29BCF6BA1F749C0F5D4AB446CEBFAC5AA80C3E19C6EDF21BE456EB5"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12561
Expires: Mon, 19 Dec 2022 07:32:49 GMT
Date: Mon, 19 Dec 2022 04:03:28 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 19 Dec 2022 03:34:21 GMT
content-type: application/json
age: 1747
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Mon, 19 Dec 2022 04:48:42 GMT
Date: Mon, 19 Dec 2022 04:03:28 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: CH22GpjgiRshNnxtgvrB/7e8eay1yzhRLMi0m9JOnv4uu0WVuZMgS7bgKQp3EgFd1ibfIohJJ4tu6aawyzlntw==
x-amz-request-id: PKZMGK72YD33Q3XW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 19 Dec 2022 03:28:50 GMT
age: 2078
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 04:03:28 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d0c01fa4b239b76293f79b107795ad8
19a34d9ef300633f83974c4116123650aeed0d7a
989cf4cf537ea879c7d34ea6d673801f3866173b525c85881ecb116232a471a2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989CF4CF537EA879C7D34EA6D673801F3866173B525C85881ECB116232A471A2"
Last-Modified: Sun, 18 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 19 Dec 2022 10:03:28 GMT
Date: Mon, 19 Dec 2022 04:03:28 GMT
Connection: keep-alive

ci.asigno.ro/css

86.105.198.149

301 Moved Permanently

310 B

URL HTTP/1.1
ci.asigno.ro/css
IP
86.105.198.149:0
ASN
#43459 Sc Maguay Impex Srl

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
310 B (310 bytes)
Hash
6ac2d4816b8f6dbf0c29c4f0c137fd2a
0ac062b950f1a3b45ebbf6b7f388ae2403e5be41
2b2275a96c05bbc5af3b67a91eb666063f76feba667f6d1e1de8d264ef2cbbd0

HTTP Headers

GET /css HTTP/1.1
Host: ci.asigno.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Dec 2022 04:03:28 GMT
Server: Apache/2.4.54 (Debian)
Location: http://ci.asigno.ro/css/
Content-Length: 310
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 19 Dec 2022 03:08:01 GMT
age: 3328
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ci.asigno.ro/css/

86.105.198.149

302 Found

209 B

URL HTTP/1.1
ci.asigno.ro/css/
IP
86.105.198.149:0
ASN
#43459 Sc Maguay Impex Srl

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
209 B (209 bytes)
Hash
19ebe23f330b20ccfaf72a835a0f288e
c643e5524808b92b9fbb53eba14205662070e3b1
20c0a7ca5b9b49526c9883920795664ef16926c94855d47828be0cd868ad7f31

HTTP Headers

GET /css/ HTTP/1.1
Host: ci.asigno.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Mon, 19 Dec 2022 04:03:29 GMT
Server: Apache
Location: https://ci.asigno.ro/css/
Content-Length: 209
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ci.asigno.ro/css/

86.105.198.149

302 Found

0 B

URL HTTP/1.1
ci.asigno.ro/css/
IP
86.105.198.149:0
ASN
#43459 Sc Maguay Impex Srl

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - UPS

HTTP Headers

GET /css/ HTTP/1.1
Host: ci.asigno.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Date: Mon, 19 Dec 2022 04:03:29 GMT
Server: Apache/2.4.54 (Debian)
X-Powered-By: PHP/7.4.33
Location: https://arocks.tech/css/WebTrackings
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0bc27cdcd6c42d7f8eece6c074bc452f
ff1234b58f7381f51f9082c1ef4894b1ac5700ff
672fc3b7ba7ee7a8b376c73a86a5bab00b1a1aead54c3ca64c0bff83d831348e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3636
Cache-Control: max-age=108238
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 04:03:29 GMT
Etag: "639ed82b-1d7"
Expires: Tue, 20 Dec 2022 10:07:27 GMT
Last-Modified: Sun, 18 Dec 2022 09:06:51 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/s/gts1p5/9PmOMpMwL4c

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/9PmOMpMwL4c
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c24ce612e2f8377dc1a765b10594b04b
1b978177f38add3b4748d651d211f7ada2f4a001
5354662765919a240d42f75adb00196ce38bcb5887053ef628dfc889abefdbf1

HTTP Headers

POST /s/gts1p5/9PmOMpMwL4c HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 04:03:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

35.163.1.35

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.1.35:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6OHP8eBHwnIuV3rNUe5s3A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: S4qcCypQxCEYbZilwfVgTLeX35E=

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5983
Expires: Mon, 19 Dec 2022 05:43:12 GMT
Date: Mon, 19 Dec 2022 04:03:29 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5983
Expires: Mon, 19 Dec 2022 05:43:12 GMT
Date: Mon, 19 Dec 2022 04:03:29 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5983
Expires: Mon, 19 Dec 2022 05:43:12 GMT
Date: Mon, 19 Dec 2022 04:03:29 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5983
Expires: Mon, 19 Dec 2022 05:43:12 GMT
Date: Mon, 19 Dec 2022 04:03:29 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5983
Expires: Mon, 19 Dec 2022 05:43:12 GMT
Date: Mon, 19 Dec 2022 04:03:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff17f5cdf-f263-46fc-b0f6-fb0fa1945efd.jpeg

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff17f5cdf-f263-46fc-b0f6-fb0fa1945efd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7760 bytes)
Hash
5c990c360fd972821af876119dd8555b
458555bf2ac16225da8adfc9fbe75aed89526287
beae8e1d373cbe333272e54db93f44e18f063e93f12f005e793ba64e4f7696a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff17f5cdf-f263-46fc-b0f6-fb0fa1945efd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7760
x-amzn-requestid: a0b96eff-245a-48ab-b09b-013861bbad27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKwhKFTtIAMF6TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a946d-513964bc657a326217d85e42;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V4q1avv0fLvIQNz1dek4qxd2Yen1EJfKBhbvtK3W8AkfBJ775JhZBQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:52:15 GMT
age: 22274
etag: "458555bf2ac16225da8adfc9fbe75aed89526287"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe426aa98-61a0-4fb6-9e2a-8295c764a39b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9266 bytes)
Hash
da7f54bc8961e24cce4c3910d7657b9e
95f9529aa321d707eac3e133db97c6b641648bdf
ae58b97cc6f584713fbd73bc210ecfcfafd9c5c997008e7e79d59a6e45949846

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe426aa98-61a0-4fb6-9e2a-8295c764a39b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9266
x-amzn-requestid: 24005bea-65b5-41af-9281-b95ac7e5f945
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dLRC3E_UIAMFsMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ac878-0369a03043a1ccd31f2d7243;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 07:10:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cF5viZkDzq98kxBlMVDLxkbWy8x0Dip1H-jLNqqsYutHG9FwMt8T0w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 09:06:40 GMT
age: 68209
etag: "95f9529aa321d707eac3e133db97c6b641648bdf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F098a9ffa-a930-493a-86d2-96d21a07d7ae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9824 bytes)
Hash
945d09b8aa956ddee667614c08687f76
0db0497203df4f2ec5da40cd0ab89383479e5d9b
a0953dafcf933d120941f84b60d2884b3df33fa01dfbc5bfe62fc4910b392a83

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F098a9ffa-a930-493a-86d2-96d21a07d7ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9824
x-amzn-requestid: 921ea0f0-7d7d-467e-b3f8-2eb47a62747c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dURWQGoXIAMF_OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e628e-6e4016837f2b38615bff371e;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 00:45:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DgMx1NDqKgwNAIUP-itlH4d6NP5yvSMv8JYpgxo5rdMoPraPrwLzqw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 05:59:13 GMT
age: 79456
etag: "0db0497203df4f2ec5da40cd0ab89383479e5d9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F469f917b-9e91-486a-b711-ccb25e7bfae0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7432 bytes)
Hash
f8b260b0cc287f1b66c97f552b2a3c21
7efa342abc52a36cd3fa2dd4b3e85cec1def58c0
7263d7176d5879c550158fee5259605dc298a99902cb8a2c340ab2b92f92bc90

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F469f917b-9e91-486a-b711-ccb25e7bfae0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7432
x-amzn-requestid: 3254bdde-1e56-4423-a87b-5955c64f52ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dHbA6FUVIAMF2gQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63993ed2-09a330722c1eec79103d9b9e;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 03:11:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: W2HZAazNTP-6o2Vyr2jrOTutIt4ed3Fs0L_TgUEH8dM9RtqBiBSdAw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 09:40:13 GMT
age: 66196
etag: "7efa342abc52a36cd3fa2dd4b3e85cec1def58c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11667 bytes)
Hash
dce7a87ac0852f838007018af2e83cb5
379f7844a18284958ec0250cc45f2c91ac1ddfcf
31a5191700b9d5c2e471c0e6db15d43f1804b61c6a0867340e8001c32a0dabb5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: f8f1832c-4269-4c4b-83c0-4c2d8c2fdd8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjC7GLSIAMFd4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce545-4c54f9704a32da245a90ab0d;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sg4SOln-mB63kOrv2oVmW25o92Sxw7bW4QA78iT5eq3Tpbk_SYUEdw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 00:09:11 GMT
age: 14058
etag: "379f7844a18284958ec0250cc45f2c91ac1ddfcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5029f8fb-29cf-4de0-b8e7-d6f183712d1c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12172 bytes)
Hash
3aba060983b21c03fd43a14b313fa70e
005128984586fbfa35db5e75e38c43603cae24e1
805ee8bc4be00bc288a082083281984c54cd802138636b9df01f40f22a860897

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5029f8fb-29cf-4de0-b8e7-d6f183712d1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12172
x-amzn-requestid: 26e2fb4f-5bc5-4bc8-9e44-08461977187a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dVIjgHuiIAMFhYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ebae3-79e72e6522d1c0016e46668f;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 07:01:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rtAWDomNd7jCyemJptNJajRruNjBVSNAAbDoUra8_3xhVQmNJIj53w==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 09:18:09 GMT
age: 67520
etag: "005128984586fbfa35db5e75e38c43603cae24e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/9PmOMpMwL4c

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/9PmOMpMwL4c
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c24ce612e2f8377dc1a765b10594b04b
1b978177f38add3b4748d651d211f7ada2f4a001
5354662765919a240d42f75adb00196ce38bcb5887053ef628dfc889abefdbf1

HTTP Headers

POST /s/gts1p5/9PmOMpMwL4c HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 04:03:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

arocks.tech/css/WebTrackings/

172.67.155.162

200 OK

189 B

URL HTTP/1.1
arocks.tech/css/WebTrackings/
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
189 B (189 bytes)
Hash
6d505e1d84beeda9ee0bcf9b145a0313
d92862a331c9c67135be16e046c96dc8bdfa4947
72bbd4540336ef913c43e7d88edf4108103d417f7ffa3d98774385c55ceebd8d

HTTP Headers

GET /css/WebTrackings/ HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcXrSoKORmFen4fkmaJV%2BgnUxNMMRVljHAOMkHRH52hZDZB%2FiWpvTypnFEoPIyx22WlgYbFtaF0En4%2FnN4zVOFd6US7564L7ZbWP80f0AsCwsZVoYmPXJZRmHxbtjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fae6f41fac4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

172.67.155.162

200 OK

14 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (3982), with CRLF line terminators
Size
14 kB (13947 bytes)
Hash
09431904d3380604b345eb704849d153
3d2054276545c42b574adbb82cf13d792b1ccb79
4f5fc0b75b5391a1000f5590d9fd6dc48cf3a9ebcd3de0635e52d296297c0f0a

HTTP Headers

GET /css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915 HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Jun 2021 20:37:46 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBN8PvwEgMj%2BhrnTYwrxsbvgwi63C2%2B9oH2VB88vp2Tt0e3iNdSa3U%2F4qYH%2BNjOdTRmBHShiF5KHdWXV00o5DyEoKzvXQrEAwXJ2lwPCaOZqhgxAKzvn6wvDiflLgg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fb59825fac4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

arocks.tech/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

172.67.155.162

200 OK

3.9 kB

URL HTTP/1.1
arocks.tech/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (12331)
Size
3.9 kB (3886 bytes)
Hash
54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Dec 2022 12:21:11 GMT
ETag: W/"6399bfb7-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFlpczPEkyJsTfaXRgbvAOhnFtQMY6WXwCZCD1NLsSbfV9RGGq6Vp0%2FFYROGV2wT9lVx6wia%2FPUciCJHClsJ6FiY%2FRfTffEHUtwec4gsEGqm2YUixy7r310g2oXMhw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3fb88892fac4-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Wed, 21 Dec 2022 04:03:31 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip

arocks.tech/css/WebTrackings/track_files/ups_004.css

172.67.155.162

200 OK

9.7 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/ups_004.css
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65472)
Size
9.7 kB (9674 bytes)
Hash
52eae85c7bc86965b3ec13b3d8cd3a6e
cafae326586190f331a75140c4e752a94d38063a
20e42257e6c3b8e0a57d6ce40f66fa7cb791def350015c61b876ec9116227e3b

HTTP Headers

GET /css/WebTrackings/track_files/ups_004.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:31 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 9674
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJ0SQGCxro7JR6xZojKDZs%2BkI9UtPTxj8jStQOG2HGhZK4r1Jdtn3DpZZGlpsGYqf42Nfe0KA%2B5qwYjUBwxT46yMxkh4B03%2FaRS3sD%2BuYoUfiAAESw0XObxZ2DOrag%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fb88899fac4-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/styles.css

172.67.155.162

200 OK

181 B

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/styles.css
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
181 B (181 bytes)
Hash
4a038b1f3a296c0fa73e1d89d22dceda
4b7a9583474b0be80b09303049832acd901c1c46
b484036267305c3d89589db66d136e94f1c4e07a5aa979d1efad598809578ba3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - UPS

HTTP Headers

GET /css/WebTrackings/track_files/styles.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:31 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 181
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOvKxdEOujQe87aa2WXOvXDKRpQlkoOewaHSiDhRkYgzFgQ6jaPqrDp%2Fovgss2Un%2BFKwamLwxDLl8YQv4dwupx2Evjpgmg92%2BFJQqaLmKJIJd6VY2ip0PVfL%2BDB6%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fb88aa6b50c-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/ups_003.css

172.67.155.162

200 OK

8.3 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/ups_003.css
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
8.3 kB (8328 bytes)
Hash
89487a8085746ab4589e2897965b980d
de5a78418b2303dc2a683708cea29a733380effa
ef49d443b004d6697f957cb12e66a384aa0ac53dd74f152feb7e7ae4a28b27a3

HTTP Headers

GET /css/WebTrackings/track_files/ups_003.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:31 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 8328
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 20:06:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Lc3pnUfCUGgfTwOPS4TK8zMufUrnEujam0yrl%2FL0Ab8%2FRnkhGCxSB%2BKA2Utif3Yt5PGgVbbsN9KwtX29dQXiWj1iLv%2FSj5BVVel46ZkkH%2FGwiFiA0qj%2FPqCfhP1JA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fb88893fac4-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/ups_005.css

172.67.155.162

200 OK

23 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/ups_005.css
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65352)
Size
23 kB (22638 bytes)
Hash
a5861caf32ca4187abebe6ce6d430464
1092ee81914c0967249ebea9b23d35cc8efbe6ed
d0bedcf32c8e7ea96aa0c852091982a824e7b7e05a8deda627969a6a56bcad8b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - UPS

HTTP Headers

GET /css/WebTrackings/track_files/ups_005.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:32 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 22638
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwJ7Xd0mFnu%2BHenGAp%2BeT%2B%2F%2BsZF4i%2FKVIRpJkGtAxibebGJm49eeLuPb6i2D5F4BhqKpjxmnhneTLPle%2Fd7zLDt3tx5xoU8hIivE1q%2BiW6cjKhgUjx9omolZ2tVcPw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fb88fd6b511-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/ups.css

172.67.155.162

200 OK

93 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/ups.css
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65472)
Size
93 kB (93077 bytes)
Hash
17c06163fc8d0c68e30197e10d16ee3a
bbdb566f7e94318a58eeef61dc628c244589495b
23adfd209732af34b2a9500fa5cabf67da4a1f002536b7ecb7ecd10a86154b41

HTTP Headers

GET /css/WebTrackings/track_files/ups.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:32 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGsOKjoxA36mpuk7QNeGeIwzu1eRXl4dgwFDT9GWc8MrMcwwdqnZfAis7yxkPrDl0X4fYB934MxCm33iECUTy8bnI3wEovqoUn7IxuJNsv9GUOORvViu1JEQHV70fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fb88b771c06-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/ups_002.css

172.67.155.162

200 OK

75 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/ups_002.css
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65461)
Size
75 kB (74784 bytes)
Hash
d109963d6bee3ff546f1fecc0ba17e19
7e481b8756b8e35e2bb48f8b1c75e39db74fdc8a
6d1c57b810b08236b9c2efe00e78e5975bb23dda35459b7b308f51be8f5c6ca1

HTTP Headers

GET /css/WebTrackings/track_files/ups_002.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:32 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 20:06:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06fMtOFC%2FANAtOCAid69AiZNZrpa29cRNeipHydP4JCHSnOX8J7PYkN%2BdMMSX6WA1i57FKSQk7TvcugJC2yCdK%2BjiwCY5Gv5WB7l8niIVljPgA1SaVT%2FeyOT%2FeKldQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fb88aa0b50c-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/UPS_logo.svg

172.67.155.162

200 OK

1.2 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/UPS_logo.svg
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1152 bytes)
Hash
9ec0923b4e7f4df87ac9ba226439b202
79d2dbef2a1fe136f8f6c506d1c4fc4e2688b9c7
30bf2c723094bdd32e764d27ebc381a104dabeee8a2e60bf12da479952326e62

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - UPS

HTTP Headers

GET /css/WebTrackings/track_files/UPS_logo.svg HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: image/svg+xml
Content-Length: 1152
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZQha3vXeltgLzIw4SRKWiJg7q0hfwTDVxJBrgJn8TsMukueUPkcivJecNtDUHbpsasv4OA7KUPYauj9ZwcjikYdjWwT84vQQKCndLnh4z3acnyrnoaTzT15xqKs0w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc46a2efac4-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/icp.gif

172.67.155.162

200 OK

43 B

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/icp.gif
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 2 x 2\012- data
Size
43 B (43 bytes)
Hash
ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - UPS

HTTP Headers

GET /css/WebTrackings/track_files/icp.gif HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQSLpqsgIRDQb1Jw4SiFzLIP4P%2Btq82BMkEbDjJqGFxZc3HZkOb4pnEbpBtyrTyXPht5UUQ5SK69fDI%2FJe4foniE%2B9KyFeN0pEz%2FTtIIrcKJ%2Fp5ZkTSjipMRwOpTZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3fc46be5b511-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/b96dOB0.gif

172.67.155.162

200 OK

8.5 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/b96dOB0.gif
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 256 x 256\012- data
Size
8.5 kB (8508 bytes)
Hash
07144a45b1ff76fe9cb4aa9c92a646c8
a365ff55a6f0a1018f687585d3c154f01b976e56
8527958c37439fbb2193c9bb70637b30dde1d87884014712a07786e67ada9eaa

HTTP Headers

GET /css/WebTrackings/track_files/b96dOB0.gif HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: image/gif
Content-Length: 8508
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 16:26:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnAajP6PDyDX7qU2RvanaacJz9qofoeBug%2BGmIpmofAit1JHoAvE1imz4Crpps1TcYcVrSazPUEj4alZCC13cjCNzZoV%2Bt69p%2B3Mve6cIBEtJo1w%2BCnSVolHv9L5qg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc46de41c06-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/sii.js

172.67.155.162

200 OK

803 B

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/sii.js
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 (with BOM) text
Size
803 B (803 bytes)
Hash
e8a77219b7db64f2cf8dddf0b1109967
fc5344110543ef86735c98a8a76389dd76a093d8
fe7d194cca8d9fddc3102dff18fa2f8070579bb256a6171cb0ef5a546787e10a

HTTP Headers

GET /css/WebTrackings/track_files/sii.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 803
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjZa9qghkjIDQ7gLqtnS1l8jdwwDBYon99HGtt%2FTDZSwnc0z2tZveH8C4wibeyQMqy%2FcoVRsj8GMOhS1PuUlQBQ3I4Cbwt%2B4tvF7DKKc0wzucSEMs1OnBtazdbEIOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc4da3cfac4-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/print.js

172.67.155.162

200 OK

612 B

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/print.js
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 (with BOM) text
Size
612 B (612 bytes)
Hash
1f54153dfddc95fcbd99cf33ba3b7890
6bfa2e51fe4765434d0b73e9e5b98db9483f2ada
20c42aeb320dc87615737e7b090f2409409eac07bd35e0d96f424417d07a48f5

HTTP Headers

GET /css/WebTrackings/track_files/print.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 612
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTxN%2FYFV%2F4G7v6w%2FaQpShC7GoQChPQiMAdc0zWam%2BNZrWkEhyxQlMKaASHMh89hUje70BJgura0u0pugQtKydnoYWdcVWWhbOGpu6HDcIZa9zBMODc0yyXfO1T0xDA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc4debfb50c-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/inline.js

172.67.155.162

200 OK

442 B

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/inline.js
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (796), with no line terminators
Size
442 B (442 bytes)
Hash
b76825c4e09f887a8de5767befe6e929
f3526a4052d819b7108082fbf24a90e90fdf548a
4af2d76c8271e95ebe63ac2d3f634cb9a03fe2f1e3a535d007e5f8f2351b0de4

HTTP Headers

GET /css/WebTrackings/track_files/inline.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 442
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BM5d4HS0J69SkTsH7uEf8hgzY7GawhdOY9n2ZN88TQZSMDtLpDRi0YhFvxfCmD4XLbjeoaTaOsxjHe7LMglN8z%2BQa7qOwPzo5lqsARHJJYGnU94xPBralXsrdkmmg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc60e551c06-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/mnmCompleted.js

172.67.155.162

200 OK

1.5 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/mnmCompleted.js
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 (with BOM) text
Size
1.5 kB (1473 bytes)
Hash
a767d4383178427b09de5fce2bfccab0
f8fe814e0c2c80162451b9a1d0d4ee461120054c
d36f5a8bde036001ea2d02d7f188e44e049d3e05e64acb3b05645e637bcc3ea7

HTTP Headers

GET /css/WebTrackings/track_files/mnmCompleted.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 1473
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BGRrOtM71Ibri3F6zTTncyko6Uhc04dxzRuUqN5VC%2Bh4u5U92JvvYdsZu41nBwkuUUiWS2uMc%2Bc2C9IPIiN810ENGgDnUbDM8c5JccyLAP5q8lljHX2rA11d4ClVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc64a68fac4-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/mnm.js

172.67.155.162

200 OK

1.9 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/mnm.js
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (7462), with CRLF line terminators
Size
1.9 kB (1928 bytes)
Hash
d5eca3a4ae25b48ce3cb2a0d60c7c408
6e953b85633de059e6395123fc5349d36f4da088
3ee96aeaffb4e7ac3971840d67e80d7d366c9056f7f02fc44fb2bacc88a125b3

HTTP Headers

GET /css/WebTrackings/track_files/mnm.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 1928
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3WhBZ4%2BzqiITeyYj4tp7P%2BuwlAaIQwui5M4IPBsDdLT4sbHBpEA9ycXF8EvPD3SHr%2FENsP6XOIT9jpE70v8kLNKRSofgqGwCUMHbMayZwsHeyeJMIth5VExiPrpjA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc64f3ab50c-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/8f71d169ui228ea333b9052029f5a5

172.67.155.162

200 OK

19 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/8f71d169ui228ea333b9052029f5a5
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
19 kB (18654 bytes)
Hash
67f50a5cbbae90b1391c6774c95bb082
94fca65c1408cb79bdb231cc805d77783386e5e4
684c41ee3d9dde8c136e96cf888577e9273bb7939dbc103a748f24de8d86f9a9

HTTP Headers

GET /css/WebTrackings/track_files/8f71d169ui228ea333b9052029f5a5 HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Length: 18654
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVy8fcpcfUFtKnHTXDW6Wyarub8NICj83wBXtns%2FkaF4GnRABR1PmgFVe1rvW%2BHbCOAqoyecb4f6nfIpBVWh77nx3gnwIGZCDRN4PcoITjw6PCMHZd6je4KPreloLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc4cebdb50c-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/mcdi-01.js

172.67.155.162

200 OK

3.5 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/mcdi-01.js
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (13182), with no line terminators
Size
3.5 kB (3460 bytes)
Hash
a5f9fa6fb607b71b0c9128cca99057fa
0075f5b1a9eef4d57a789e5378620cf4cc176503
b556199630f83d6e07f21bce830996969898a20924825fddcf472af1aa1fea07

HTTP Headers

GET /css/WebTrackings/track_files/mcdi-01.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 3460
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDS6NdnrURPwxEX7GWF5t30pPQOW3LdLJFYzGvUDXBD0SaT2kpV0uy1%2BfEB2Nemo308OJ2Znf7TXFjcZVNy1WohVF2eY%2Fg4glqn4GFj%2FmDY0Iw%2BSasEWQQ08LPSjrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc71e8d1c06-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/UPS_Smart_Banner.js

172.67.155.162

200 OK

305 B

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/UPS_Smart_Banner.js
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (503), with no line terminators
Size
305 B (305 bytes)
Hash
cd5dcd199eda3c917e26d301f3ce51e8
ebcd0fb2f1723ebf0884821bd0443e9f3f50b30a
6144e061ba4d44dc7c498873e8f2d62b38ea8b4b32826be9e05cf6c69b62157f

HTTP Headers

GET /css/WebTrackings/track_files/UPS_Smart_Banner.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:34 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 305
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ny68OBSSvwmORKgnurLEF7oeLcm3pdyq8q8eYe0XwDodQWHt7yazHReKIIbtKyAHsYChjz22au48GAwM%2B8QS8OLnFnV82wNA%2BMypr%2B1TNcdAbx9z3QVwGdy9vzrswQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc85feab50c-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/track_files/ups.js

172.67.155.162

200 OK

8.7 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/track_files/ups.js
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (32019)
Size
8.7 kB (8669 bytes)
Hash
6179e9c2efd4c4f419acb1c1afe6923d
4a5fb2812cce74cc08081dfe18f1d0f549e706a2
2bafa2f2e5323fc8e591455bdf9a1f8cbaad7030d121b424cb7b38aaf513c384

HTTP Headers

GET /css/WebTrackings/track_files/ups.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:34 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 8669
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRIbQawpE27ly90oQwmrR46Fe2I%2F8VWQwyAjsva7uUv%2BeMneagEFjCLaugocoa9QRvIIGhXKi6zYRMdpKTOOqm9UFCGZXa9MZgUBUlS%2FLNVcGaFgkr%2FIE7uE57h%2FXg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc8eee31c06-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/tracking.html?lang=en_EN

172.67.155.162

200 OK

13 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/tracking.html?lang=en_EN
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (4021), with CRLF line terminators
Size
13 kB (12999 bytes)
Hash
ab1a73dd1a11b15b6afda8e590b5513f
5df86f89e8382a6a38a2ac263b66fc1b2b21a4e4
aeb941762036e30aa90f45110641c94ab209cef5f213d5dcab454e07f37e313a

HTTP Headers

GET /css/WebTrackings/tracking.html?lang=en_EN HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Jun 2021 21:26:46 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Wj8sRh%2Bn2N4ubXkZPtTsUKuOoDZ4sXf50%2FgcbbYlFQx%2BasmabHuzHxxBQ8qUK9Exdun7gsxX06D65%2FhJwmXPFEgOm66M8VqDgoEqUErD%2FqdC5MbexaY%2FFdVtILyZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fcba8560af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/tracking_files/ups_003.css

172.67.155.162

200 OK

8.3 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/tracking_files/ups_003.css
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
8.3 kB (8348 bytes)
Hash
65d77577e873e382846a9404e008d0f8
30f71585e78dca88846e75c43cc583a489d0333b
95ac89d6a9bec201c0c3cf4d621970caaf150a1e2900ae172f551b8c1a03eb26

HTTP Headers

GET /css/WebTrackings/tracking_files/ups_003.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/tracking.html?lang=en_EN

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:35 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 8348
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 16:31:38 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfDkp3INVUpHBwSMChL0Q0ICxJjy%2FzgKXRgUb4cqINnI%2FsgG8%2FZGpzsBM7IPXW6XAYRfCjSTRw%2FCa7DRARr4DjaLIgTekamLu3YIclGbiphUd4qS7LzWvlqNsfw4YA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fce0a12b527-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings/tracking_files/ups_004.css

172.67.155.162

200 OK

23 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/tracking_files/ups_004.css
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65352)
Size
23 kB (22638 bytes)
Hash
a5861caf32ca4187abebe6ce6d430464
1092ee81914c0967249ebea9b23d35cc8efbe6ed
d0bedcf32c8e7ea96aa0c852091982a824e7b7e05a8deda627969a6a56bcad8b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - UPS

HTTP Headers

GET /css/WebTrackings/tracking_files/ups_004.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/tracking.html?lang=en_EN

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:35 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 22638
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 16:31:38 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjjgCsZwqs6ofnf0Wnw9q5%2BNJG2%2Bz1ya5TKNTzuZ5wuWxVJk32S1tmF2pNs5riNxsmwInjcMnu63tuWIkAZzB1k5u3I9wj1kxR5oUQnTUabBncAImXL3CZIFHJUycw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fcdf9070af6-OSL
alt-svc: h2=":443"; ma=60

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5e5d824-eb30-4eec-8bc0-43392e282ac1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9950 bytes)
Hash
ac21abf8783acf4dab9ce933d644025f
98b6d6a3793e4b3f1aac9d4258c04866fa11f80c
5239bc12bdd94fe9fb20f34bf36f794600e147e492e2090311b97a1b41d31055

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5e5d824-eb30-4eec-8bc0-43392e282ac1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9950
x-amzn-requestid: 4e729609-0e45-4b25-8137-37ec47534023
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dHbA5E4SoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63993ed2-0bc55b2c1b08bda2023bf207;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 03:11:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9tCIn42zpNL7ZgqRj9I4MVjo98uBRcY1odt7EZpPx2aEj9RZkDbkBw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 20:16:18 GMT
age: 28038
etag: "98b6d6a3793e4b3f1aac9d4258c04866fa11f80c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

arocks.tech/css/WebTrackings/tracking_files/ups.css

172.67.155.162

200 OK

93 kB

URL HTTP/1.1
arocks.tech/css/WebTrackings/tracking_files/ups.css
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65472)
Size
93 kB (93077 bytes)
Hash
17c06163fc8d0c68e30197e10d16ee3a
bbdb566f7e94318a58eeef61dc628c244589495b
23adfd209732af34b2a9500fa5cabf67da4a1f002536b7ecb7ecd10a86154b41

HTTP Headers

GET /css/WebTrackings/tracking_files/ups.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/tracking.html?lang=en_EN

HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:35 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 16:31:38 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcjZrMpjJ48cft39KkGJSfEimlMDt8wuscwq6LA9mWUpj34wxkVA6gvYM5wVqTnC2klnGydsdhqa7%2F%2FCm%2FJsl7D8AmsRk7uVfuogt8fxlsxQz%2BJeueSoMKiF87lyyg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fce0bae0b06-OSL
alt-svc: h2=":443"; ma=60

arocks.tech/css/WebTrackings

172.67.155.162

301 Moved Permanently

0 B

URL HTTP/2
arocks.tech/css/WebTrackings
IP
172.67.155.162:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/WebTrackings HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Mon, 19 Dec 2022 04:03:29 GMT
content-type: text/html; charset=iso-8859-1
location: http://arocks.tech/css/WebTrackings/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lMKoH1pXMPAIOVMXYwPhg1qOKrpGt8G6SUZSSQWWAIud2zc2gyIISqfjIw0os9SZ4QmA4fXmE%2B5SOh8%2FGkPxdWDEzxNNYxHkfchhFEOAezdpdKnaO6V7mLTDehVbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bd3facbd851bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (54)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size