Report - crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464

Report Overview

Submitted URL
crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464
IP
172.67.194.169
ASN
#13335 CLOUDFLARENET
Submitted
2023-04-03 16:23:30
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-04-03T20:18:12Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-04-03T20:18:12Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-04-03T19:06:57Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-04-03T19:06:47Z	606 B	238 B	34.117.65.55
staticbay.pages.dev	unknown	2023-02-26T12:24:36Z	2023-04-03T18:56:09Z	1.1 kB	5.3 kB	172.66.47.92
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-04-03T18:12:04Z	686 B	1.4 kB	142.250.74.131
crushus-s3.latestcache.com	unknown	2023-03-08T01:44:12Z	2023-04-03T18:56:08Z	908 B	1.6 kB	104.21.36.134
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-04-03T18:12:04Z	2.4 kB	6.2 kB	23.36.76.226
static.cloudflareinsights.com	1294	2019-09-24T16:34:56Z	2023-04-02T23:21:56Z	431 B	392 B	104.16.56.101
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-04-02T23:13:24Z	348 B	85 kB	142.250.74.136
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-04-03T19:07:42Z	3.2 kB	61 kB	34.120.237.76
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-04-02T19:13:44Z	639 B	427 B	216.239.32.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-04-03	medium	crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464	Phishing
2023-04-03	medium	crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114	17 kB	2023-03-26	2023-04-17
Pretty URL static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114 IP 104.16.56.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:20:50 Last Seen2023-04-17 23:16:21 Times Seen1248 Hash f23fdce5f9fc681a13ca76353818ffac 6779cba0c60c1e89ab3ec72c90a952268b2ba37d a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542 Loading...

	crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464	103 B	2023-03-08	2024-05-10
Pretty URL crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464 IP 104.21.36.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:19:23 Last Seen2024-05-10 15:40:18 Times Seen1513 Hash 15a3f40dde8f6c27c05cce205a4ea0b4 2835605998abace30d742b3b054c88d446c3acc5 a6c6c8c0218a3fc7f363f06d5e089bf5be86e1f604e54c61dff0b1e08b10b5a5 Loading...

	crushus-s3.latestcache.com/cdn-cgi/apps/head/q6VigkzHh5xGbmd0GX6edfKnNmE.js	9.7 kB	2023-03-26	2023-12-30
Pretty URL crushus-s3.latestcache.com/cdn-cgi/apps/head/q6VigkzHh5xGbmd0GX6edfKnNmE.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 06:58:58 Last Seen2023-12-30 18:10:26 Times Seen274 Hash 34cd0418f533aaab670da51c20764068 aa248185d4fb459cdf50491227664c6022294ffe 0ae46cdd253c4a84de426e86e1e1548794e230a5880dbedaac7b73064571f3b5 Loading...

	crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464	58 kB	2023-04-03	2023-04-03
Pretty URL crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464 IP 104.21.36.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-03 23:59:57 Last Seen2023-04-03 23:59:58 Times Seen2 Hash 65eba9a42b647ff926a87cab1a3137b4 5c9a8e859b2f5f1909bc446d4c5a87347ed1e703 38cea04ac9a30dd169ef95e64a7f41fbad9d7f94401b94a08e3d363389a88a7a Loading...

	crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464	77 B	2023-03-08	2024-05-10
Pretty URL crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464 IP 104.21.36.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:36:14 Last Seen2024-05-10 15:40:18 Times Seen1513 Hash 9131aa2762759852e273e004ee87bc34 c69d37bb0fb387d07bea8ab4d7e50e8b695bc1ed 11228e42ecf5d4e964750b65bb7828a7809130a054a23d04a0c5766cb9ce7dd3 Loading...

	www.googletagmanager.com/gtag/js?id=G-H55MMD7MCD	249 kB	2023-04-03	2023-04-03
Pretty URL www.googletagmanager.com/gtag/js?id=G-H55MMD7MCD IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-03 23:59:58 Last Seen2023-04-03 23:59:58 Times Seen2 Hash b1d2dbefba3d96a25c9440852935a03d b5f287ed9b35f96836b46a2b0945ec485f078626 686b5e96854c07dbb6ff423f89b8b7e206bfd624ad0e99427d89e2a8aff0920e Loading...

	crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464	464 B	2023-03-10	2024-05-10
Pretty URL crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464 IP 104.21.36.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:21:34 Last Seen2024-05-10 15:40:18 Times Seen1005 Hash 939dcb67647c35bb79ebdba54e76b7b1 78145de311307e300145e52a8fc1170657fdc370 586aed86e262a22b81a818ff0b323d5718042bcb400dc7c799b44f8203e8c477 Loading...

	crushus-s3.latestcache.com/cdn-cgi/apps/body/0u8bev7r7LyK2fjruYWKC6_8D8A.js	3.7 kB	2023-03-26	2023-12-30
Pretty URL crushus-s3.latestcache.com/cdn-cgi/apps/body/0u8bev7r7LyK2fjruYWKC6_8D8A.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 06:58:58 Last Seen2023-12-30 18:10:26 Times Seen279 Hash 47e471b950bdb80d663fdc8c637961d6 6b7abd66fcf0ef7f6aa60ebc68716c5aa9811b78 23bf82350c62d88b7effb31bdd9bef908a05424a45c13a68f01430da6183c732 Loading...

	crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464	97 kB	2023-04-03	2023-04-03
Pretty URL crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464 IP 104.21.36.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-03 23:59:58 Last Seen2023-04-03 23:59:58 Times Seen1 Hash 5e8f691c791b955b7edda9c68178f2f5 6e8b19b0680fffcd3e2b0e0c02c5e67e59c5283d c7d7301d78f0b162279cdc15b6efd869dfb8f9b272e370618abc168291ec0866 Loading...

HTTP Transactions (28)

URL IP Response Size

crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464

104.21.36.134

301 Moved Permanently

0 B

URL HTTP/1.1
crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464
IP
104.21.36.134:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /twitter.com/ziller81/status/1014712303143358464 HTTP/1.1
Host: crushus-s3.latestcache.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 03 Apr 2023 16:23:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 03 Apr 2023 17:23:19 GMT
Location: https://crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWqffBGvTeUjfkc1ZA%2FstojchuRrTlswAKbpAHcttR6D9qCUVCGVoF5Pk5%2BDIFaLo%2BRK86%2BmfabkMyD%2B%2FUi1%2FEBT%2BSExD4yO695oIgIo1p2ei%2F9FYfNe7ru8J5tPuNnpHgROvTBK6OrkFiSqzg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b22a7cd29d7b4f4-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c17f530e6db706fa5f9eb36a6cca4a4
446b60a425aae47b0adf5abd7e18e9f90f52c0bc
ccf1a90e945a18fb951654d29f128acdb3916d4dca315b0fad44ae8cc95be48e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCF1A90E945A18FB951654D29F128ACDB3916D4DCA315B0FAD44AE8CC95BE48E"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19701
Expires: Mon, 03 Apr 2023 21:51:41 GMT
Date: Mon, 03 Apr 2023 16:23:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1965860f5630f7dda817a236cb72ea24
beec8147d48911a007287014564ce544d296a5fd
00b4aafe530f6ceb3d6d4de42fffdaee0cb4e0a60834c85b1d21e42e5db2ef91

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00B4AAFE530F6CEB3D6D4DE42FFFDAEE0CB4E0A60834C85B1D21E42E5DB2EF91"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17587
Expires: Mon, 03 Apr 2023 21:16:27 GMT
Date: Mon, 03 Apr 2023 16:23:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
903ed2d58f1f33d069b70c4b53f1cb1f
0ef89cd6eb79a2ddd74434f9233cf486fffc1142
d8c984b50f04fcdb1ebc99d982502d85193302c85239ee7497666247edfc0061

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8C984B50F04FCDB1EBC99D982502D85193302C85239EE7497666247EDFC0061"
Last-Modified: Sun, 02 Apr 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14695
Expires: Mon, 03 Apr 2023 20:28:15 GMT
Date: Mon, 03 Apr 2023 16:23:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Length, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 03 Apr 2023 15:28:41 GMT
content-type: application/json
age: 3279
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
95f61d351f5fc9533cc78e255ce9bc06
fba284117f347782ac23c51d141d7e3ec15a867e
7fcc5f9e52e389d8d7c6df7f1f2a1291ae0aaae8e554f3022239ab092b2ef3c3

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: PE42M15DGcPCfNa+umwo03E0cqSec6epLl9aRPL3amd+FKtXQ0+5oFnq2yAdNZTH+kFBoHsoD2w=
x-amz-request-id: MV7NDQGR22C6ZBXP
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 03 Apr 2023 15:52:48 GMT
age: 1832
last-modified: Fri, 31 Mar 2023 17:04:39 GMT
etag: "95f61d351f5fc9533cc78e255ce9bc06"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 03 Apr 2023 16:23:20 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
27326a64990c6f698a83600491674790
a6bdb4743ace6be80673f6899605bf9177a75b69
e4a8d3c3016130e47580098183bcea5ae369697b7907eafd65ac3450dc2eb265

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4A8D3C3016130E47580098183BCEA5AE369697B7907EAFD65AC3450DC2EB265"
Last-Modified: Mon, 03 Apr 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7603
Expires: Mon, 03 Apr 2023 18:30:03 GMT
Date: Mon, 03 Apr 2023 16:23:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Alert, Expires, Pragma, Content-Length, ETag, Backoff, Cache-Control, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 03 Apr 2023 16:14:43 GMT
age: 517
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.117.65.55

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.117.65.55:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Bp1fNCbDB8HLuxiCJwqXFw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DTWFFkP7omcb/4h6x4QYkPwXEYc=
Date: Mon, 03 Apr 2023 16:23:20 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

staticbay.pages.dev/proxy/static/js/ads/invoke.js

172.66.47.92

404 Not Found

0 B

URL HTTP/2
staticbay.pages.dev/proxy/static/js/ads/invoke.js
IP
172.66.47.92:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /proxy/static/js/ads/invoke.js HTTP/1.1
Host: staticbay.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
date: Mon, 03 Apr 2023 16:23:21 GMT
content-length: 0
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkspgjCFWUjYBvhH5N5tuAZ3yeOSGIjbQKufJSOxsIa7Ps%2FHk0iiSK9f5rNYqiFp3UyOew7KJSAc9%2B2r5PMj34wsenqlWaoPAEgan6DJued95veYwd5UCV%2Bue9NYqEHe3c%2FdzXiR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b22a7d42c331c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

staticbay.pages.dev/proxy/static/js/ads/pop.js

172.66.47.92

404 Not Found

0 B

URL HTTP/2
staticbay.pages.dev/proxy/static/js/ads/pop.js
IP
172.66.47.92:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /proxy/static/js/ads/pop.js HTTP/1.1
Host: staticbay.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
date: Mon, 03 Apr 2023 16:23:21 GMT
content-length: 0
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ul6iasFw2ERT%2Fed7XVRz4xMUj1H%2BebO91QfdfOohiDPMShBCmpqTUtOL%2FSoZlLT9m2N8Ieu5EZYU4m5FjiakwE5EZQh0gp%2FctSDohKRsl5TXEZKr07Gonj0J%2BtYIdRuOJYH%2BTb%2FZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b22a7d42c301c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

staticbay.pages.dev/proxy/static/js/ads/invoke.js

172.66.47.92

404 Not Found

3.4 kB

URL HTTP/2
staticbay.pages.dev/proxy/static/js/ads/invoke.js
IP
172.66.47.92:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
3.4 kB (3373 bytes)
Hash
2d0ac87a3998c97f1a2d71f9d19cf9c5
ab1cbfb702098077e92a572e09797a23945936f7
c2c67af8e48b26e1313ea2db49d72fb975fea3783aa8bfa99e83826b7fd8fa76

HTTP Headers

GET /proxy/static/js/ads/invoke.js HTTP/1.1
Host: staticbay.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
date: Mon, 03 Apr 2023 16:23:21 GMT
content-length: 0
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQCIsd%2FaPX%2BFyWssnUrUdi%2FLDkP7c7htdP6IXyG4puvFtAUef6M2p7mTAYzht0O7aEE39y603YZnd5JMa7yubL4mIELwHsIfEdVyDDKm1M9hW1%2BX5fy5aTDmEec%2FXpOIPCaarVse"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b22a7d45c861c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da501e2a330785bb2a626a8b64beda12
a98f4428f627249686e244657af1dd3fccbeeb96
55689103661d491905bab1470071b28adc1037fdbaf7291a2cf9d5d5e24e69e5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Apr 2023 16:23:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-H55MMD7MCD

142.250.74.136

200 OK

84 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-H55MMD7MCD
IP
142.250.74.136:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (30260)
Size
84 kB (84104 bytes)
Hash
845f56b6ee895923df892a8070a3cfc8
5be0c0c42f51e809a41c5fcebd25c6cda5a136b5
a3be781bd005e802376d6980c153ff4ab56942487dcdb5ce792ce4d6d331c282

HTTP Headers

GET /gtag/js?id=G-H55MMD7MCD HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 03 Apr 2023 16:23:21 GMT
expires: Mon, 03 Apr 2023 16:23:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84104
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0d5f428e8d604eb9e7c5646c4ced7a86
a49e33793421f755c0c56474d5b4507c9fdda931
8736f26b0ca7a66472d862c300071dcc08620ed84ee03e0bd9990f9629b6eb83

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Apr 2023 16:23:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.google-analytics.com/g/collect?v=2&tid=G-H55MMD7MCD&gtm=45je33t0&_p=528586122&cid=363620377.1680539001&ul=en-us&sr=1280x1024&_s=1&sid=1680539001&sct=1&seg=0&dl=https%3A%2F%2Fcrushus-s3.latestcache.com%2Ftwitter.com%2Fziller81%2Fstatus%2F1014712303143358464&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-H55MMD7MCD&gtm=45je33t0&_p=528586122&cid=363620377.1680539001&ul=en-us&sr=1280x1024&_s=1&sid=1680539001&sct=1&seg=0&dl=https%3A%2F%2Fcrushus-s3.latestcache.com%2Ftwitter.com%2Fziller81%2Fstatus%2F1014712303143358464&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-H55MMD7MCD&gtm=45je33t0&_p=528586122&cid=363620377.1680539001&ul=en-us&sr=1280x1024&_s=1&sid=1680539001&sct=1&seg=0&dl=https%3A%2F%2Fcrushus-s3.latestcache.com%2Ftwitter.com%2Fziller81%2Fstatus%2F1014712303143358464&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: null
date: Mon, 03 Apr 2023 16:23:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
869fe4a8dc549ffa1023d3adc184e4f2
37b95d88dd3f6f251bb651b130e09b202850033f
9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3025
Expires: Mon, 03 Apr 2023 17:13:47 GMT
Date: Mon, 03 Apr 2023 16:23:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
869fe4a8dc549ffa1023d3adc184e4f2
37b95d88dd3f6f251bb651b130e09b202850033f
9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3025
Expires: Mon, 03 Apr 2023 17:13:47 GMT
Date: Mon, 03 Apr 2023 16:23:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
869fe4a8dc549ffa1023d3adc184e4f2
37b95d88dd3f6f251bb651b130e09b202850033f
9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3025
Expires: Mon, 03 Apr 2023 17:13:47 GMT
Date: Mon, 03 Apr 2023 16:23:22 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0936bac9-0505-47a5-932e-eb63ee65f17f.jpeg

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0936bac9-0505-47a5-932e-eb63ee65f17f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6494 bytes)
Hash
440bc52fc1e8c12ac8264a1ee47fc525
00e85bb08fa00deac46dd33bc11e9358c948ecf5
7fd89896357506803bafdb71eccab202b1c492d6489efb4ebb05fb4b367194ad

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0936bac9-0505-47a5-932e-eb63ee65f17f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6494
x-amzn-requestid: e032a9b8-7231-424c-9bcf-3e376fac5c50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CxM52GoDoAMFnUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6429f50b-5b86488c35a3bb1d297bb989;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Sun, 02 Apr 2023 21:35:07 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: BcUzNKU-YO4ziNV_w26wy18Y7hrf1uLna0vTb18r-3aN1YZk234xxQ==
via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Apr 2023 21:47:04 GMT
age: 66978
etag: "00e85bb08fa00deac46dd33bc11e9358c948ecf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F341f7e43-f7f1-460d-b07c-cfb6a69af4b1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8895 bytes)
Hash
2b6c2e8349f7c1d56d8353eecb7e2c97
d54350d7eef6d0d5291f41850363549b4b65552c
33f24d9dfe5df649cda7fae727b719b869100ee3f88a7222358257f85885d9ef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F341f7e43-f7f1-460d-b07c-cfb6a69af4b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8895
x-amzn-requestid: ee1aef2f-2606-4d76-85be-12401e34f380
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CxM74FifoAMFm9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6429f518-466b67241c73844c0a09c21d;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Sun, 02 Apr 2023 21:35:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: S7fB32oYuvIkbVY6sLWxzIpZKgLn69XDq9pMqb0timISzk5AdFKmrA==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Apr 2023 21:53:06 GMT
age: 66616
etag: "d54350d7eef6d0d5291f41850363549b4b65552c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd77ff9b5-2a02-458f-9c5f-6bcccc0d2831.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12586 bytes)
Hash
b3ce51099120384a3e304a6400083071
64d8fd61b9e2ddbe462781ad1a26cd3155a50dfc
5343452b11225539495025785413791c496c0bd75672e7331a26eb898491eb04

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd77ff9b5-2a02-458f-9c5f-6bcccc0d2831.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12586
x-amzn-requestid: 6a24f9d6-32b8-40eb-8c26-98424f44dcf5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ClVE3GI9IAMFSdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64253552-1e519d64745f2a4c58e2b7d5;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 07:08:02 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: OUAHhvU-xPp2AJbz2IbEiqmCmOWMcAuFFZSlMQh-t3yYs305Se0fXA==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 08:03:57 GMT
age: 29965
etag: "64d8fd61b9e2ddbe462781ad1a26cd3155a50dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47fd3671-846b-41b7-ae64-e6b64f82f7d8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
11 kB (10819 bytes)
Hash
7bbcab55ec287f0f025030d158bdf765
7c9abe9dbbddb840e4badcf13e1fec136fe645fa
92f69438b4f2632f89006b5c55474c9bd63230df342f492b46fa9a068f399f3e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47fd3671-846b-41b7-ae64-e6b64f82f7d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10050
x-amzn-requestid: 83a2e3cd-74d3-4aed-9088-19e8063e9b21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ct6liHj_IAMF3hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6428a489-3dd275df7bec7a2c75eefd0c;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Sat, 01 Apr 2023 21:39:21 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: VoijySB-GVwnyK3i43cQPVPenabxB4QyZ9gLNpJTjoWDOs73CHBZnQ==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Apr 2023 23:15:34 GMT
age: 61668
etag: "89a751e033d9301f43e055316f48eefe3b35d3d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9859 bytes)
Hash
da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 526d70f5-3eab-410e-97d4-e489e152bd43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cl6tIFhxoAMFa-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64257186-14e697b924e79d1e5bc6d040;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 11:24:54 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: qKEs-bdLIfTk7TjXU0kLNzqEBDhhUXkX_osB-9p5LdfJfUbo8LwyuQ==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 01:54:22 GMT
age: 52140
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e421b58-eee4-4dc7-81c0-2d96120d8950.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6136 bytes)
Hash
50c5edd2a6ef5c0560c229935677ca09
6241f7dab794ef6fe2af3922fd4b7f3539898cad
5ad2e855be49fc982e27aaef20483edd40a048282d97665d4f95f981d65fa1d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e421b58-eee4-4dc7-81c0-2d96120d8950.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6136
x-amzn-requestid: e1ae4e9e-f298-409f-aa10-30e40068322f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CxM54F0BIAMF0cg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6429f50b-1ccc6fcc3a8705f24e9b956c;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Sun, 02 Apr 2023 21:35:07 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: HHV4kDxmn33xITsq0SeY6uDSOcaCsNXmjqU1W7ppVmUfhvLc0KQ1gQ==
via: 1.1 1cbc126937aab64e42a05f9bf2f8daee.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Apr 2023 21:47:04 GMT
age: 66978
etag: "6241f7dab794ef6fe2af3922fd4b7f3539898cad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114

104.16.56.101

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
IP
104.16.56.101:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crushus-s3.latestcache.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 03 Apr 2023 16:23:21 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2023.3.0
last-modified: Mon, 20 Mar 2023 17:58:49 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b22a7d45a5a0b06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464

104.21.36.134

200 OK

0 B

URL HTTP/2
crushus-s3.latestcache.com/twitter.com/ziller81/status/1014712303143358464
IP
104.21.36.134:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /twitter.com/ziller81/status/1014712303143358464 HTTP/1.1
Host: crushus-s3.latestcache.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 03 Apr 2023 16:23:20 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=315360000
cross-origin-opener-policy: same-origin
expires: Thu, 31 Dec 2037 23:55:55 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: DENY
x-proxy-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Egfy5vFvcDq4KlfSOpDhTGPZAscaCNZYJKO%2B7rik9Dw6BEYlS61EfzMGyCxW3N4Zp4I%2ByRmgQu3JvgF2RsaxPV644bpFLHWXcOMvdWEnopRxoCMOnSzeH4sZxax3GFnN4Gu%2Fg9LTyx1tkaIphQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b22a7ceea760b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML