cedijrz.com/wp-content/themes/com.au/mygov/re/login.php?token=tw96awxsys81ljagkexpbnv4oybbbmryb2lkidgumc4woybuqs0xmduziej1awxkl09qujeumtcwnjizljaynikgqxbwbgvxzwjlaxqvntm3ljm2ichlsfrntcwgbglrzsbhzwnrbykgq2hyb21llzy3ljaumzm2oc4wie1vymlszsbtywzhcmkvntm3ljm2mtg4ljqylje5ns4xndaymdiyokrlyzpudwu=
301 Moved Permanently
0
URL
HTTP/1.1
cedijrz.com/wp-content/themes/com.au/mygov/re/login.php?token=tw96awxsys81ljagkexpbnv4oybbbmryb2lkidgumc4woybuqs0xmduziej1awxkl09qujeumtcwnjizljaynikgqxbwbgvxzwjlaxqvntm3ljm2ichlsfrntcwgbglrzsbhzwnrbykgq2hyb21llzy3ljaumzm2oc4wie1vymlszsbtywzhcmkvntm3ljm2mtg4ljqylje5ns4xndaymdiyokrlyzpudwu=
IP
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer
Verdict
Alert
fortinet
Phishing
GET /wp-content/themes/com.au/mygov/re/login.php?token=tw96awxsys81ljagkexpbnv4oybbbmryb2lkidgumc4woybuqs0xmduziej1awxkl09qujeumtcwnjizljaynikgqxbwbgvxzwjlaxqvntm3ljm2ichlsfrntcwgbglrzsbhzwnrbykgq2hyb21llzy3ljaumzm2oc4wie1vymlszsbtywzhcmkvntm3ljm2mtg4ljqylje5ns4xndaymdiyokrlyzpudwu= HTTP/1.1
Host: cedijrz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 31 Dec 2022 11:55:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 31 Dec 2022 12:55:06 GMT
Location: https://cedijrz.com/wp-content/themes/com.au/mygov/re/login.php?token=tw96awxsys81ljagkexpbnv4oybbbmryb2lkidgumc4woybuqs0xmduziej1awxkl09qujeumtcwnjizljaynikgqxbwbgvxzwjlaxqvntm3ljm2ichlsfrntcwgbglrzsbhzwnrbykgq2hyb21llzy3ljaumzm2oc4wie1vymlszsbtywzhcmkvntm3ljm2mtg4ljqylje5ns4xndaymdiyokrlyzpudwu=
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrLxSVONQHXow5RNcnD%2B6vjNLd4VpErEjzNRKYLUmKrwM9onE6%2FiHqH554gdaeKD5ZGoGQW0RdAHG1xJ8RXkb6cjJ0d4AnGuZP3F%2B0Ov6A0kQofg51FsSr1vKMMb4w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7822d30378f60b06-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
5c6a87f6d6b5c54dcb1b630ae6001c73
e0315c9936d6f2f58ff7d078e74a8ec7802265a8
d88ef07b9fcfb42d27a490cb57df4adaf3261efc7d0b38246db387da3ca32a8d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D88EF07B9FCFB42D27A490CB57DF4ADAF3261EFC7D0B38246DB387DA3CA32A8D"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10085
Expires: Sat, 31 Dec 2022 14:43:11 GMT
Date: Sat, 31 Dec 2022 11:55:06 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
ab3625faa748b97df39d95f3265ccd14
3930df2e3cb45a1abe47de735002fba535de4f08
0b0a1eb64c4a23598884f08be0a9694c8fcaeffc4b0df790a678104f44fe1c14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B0A1EB64C4A23598884F08BE0A9694C8FCAEFFC4B0DF790A678104F44FE1C14"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7485
Expires: Sat, 31 Dec 2022 13:59:51 GMT
Date: Sat, 31 Dec 2022 11:55:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK
939
URL
HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
Magic
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 31 Dec 2022 11:47:10 GMT
content-type: application/json
age: 476
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
428881081ad357fb55af33ebf9d12c16
29b7be72f76da07db4a03fb1bc57ffe16d520a22
9adff7f91b147b0d93166bc4ece0dd31fd19fd8b2c269a6a596a1e902f49a1fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9ADFF7F91B147B0D93166BC4ECE0DD31FD19FD8B2C269A6A596A1E902F49A1FE"
Last-Modified: Wed, 28 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5644
Expires: Sat, 31 Dec 2022 13:29:10 GMT
Date: Sat, 31 Dec 2022 11:55:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK
5348
URL
HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
Magic
PEM certificate\012- , ASCII text
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vleSOK+XmhQUbeNdk6EIm6fMG+r0loWMAjqx8Kyg5Sw9RB9lnMrXXmfpbkEZqC1+RnZ6wKymh+an+qQuiik6ZA==
x-amz-request-id: 04CCNY73SRWQPPGS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 31 Dec 2022 10:59:37 GMT
age: 3329
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK
280
IP
Hash
9eda9239e3493cd1b3431fb9520979ec
18db20ebb565f32f28038e2128cfe72b0499ce13
13a0fc408a702f1a1f3326ff2e6d28ada07a0fcc46164eec1a9b98d1d4c059da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=165971
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 11:55:06 GMT
Etag: "63b0086d-118"
Expires: Mon, 02 Jan 2023 10:01:17 GMT
Last-Modified: Sat, 31 Dec 2022 10:01:17 GMT
Server: nginx
Content-Length: 280
contile.services.mozilla.com/v1/tiles
200 OK
12
URL
HTTP/2
contile.services.mozilla.com/v1/tiles
IP
Magic
JSON data\012- , ASCII text, with no line terminators
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 31 Dec 2022 11:55:06 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK
329
URL
HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
Magic
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 31 Dec 2022 11:08:10 GMT
age: 2816
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK
471
IP
Hash
afc798d7819a9c19437d20a92eb6f6ec
badde0ed90ac423d5796dc35808a3cd6cec09820
f101fbf84795c278d89aafdadf23cca6c5010b372a48d39a5354555bfb961e61
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6096
Cache-Control: max-age=168799
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 11:55:07 GMT
Etag: "63affbaa-1d7"
Expires: Mon, 02 Jan 2023 10:48:26 GMT
Last-Modified: Sat, 31 Dec 2022 09:06:50 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK
280
IP
Hash
9eda9239e3493cd1b3431fb9520979ec
18db20ebb565f32f28038e2128cfe72b0499ce13
13a0fc408a702f1a1f3326ff2e6d28ada07a0fcc46164eec1a9b98d1d4c059da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=165971
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 11:55:07 GMT
Etag: "63b0086d-118"
Expires: Mon, 02 Jan 2023 10:01:18 GMT
Last-Modified: Sat, 31 Dec 2022 10:01:17 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
push.services.mozilla.com/
101 Switching Protocols
0
URL
HTTP/1.1
push.services.mozilla.com/
IP
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: az65EtFlfHHnYy4wGqFZvw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TvtHgYJfEBfIj3WYkuHkZh7fKuU=
www.cedijrz.com/wp-content/themes/com.au/mygov/re/login.php?token=tw96awxsys81ljagkexpbnv4oybbbmryb2lkidgumc4woybuqs0xmduziej1awxkl09qujeumtcwnjizljaynikgqxbwbgvxzwjlaxqvntm3ljm2ichlsfrntcwgbglrzsbhzwnrbykgq2hyb21llzy3ljaumzm2oc4wie1vymlszsbtywzhcmkvntm3ljm2mtg4ljqylje5ns4xndaymdiyokrlyzpudwu=
404 Not Found
7970
URL
HTTP/2
www.cedijrz.com/wp-content/themes/com.au/mygov/re/login.php?token=tw96awxsys81ljagkexpbnv4oybbbmryb2lkidgumc4woybuqs0xmduziej1awxkl09qujeumtcwnjizljaynikgqxbwbgvxzwjlaxqvntm3ljm2ichlsfrntcwgbglrzsbhzwnrbykgq2hyb21llzy3ljaumzm2oc4wie1vymlszsbtywzhcmkvntm3ljm2mtg4ljqylje5ns4xndaymdiyokrlyzpudwu=
IP
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8200), with CRLF, LF line terminators
Hash
62505ac99904c025506abbcf5daff14f
48358f3569d0cb12550c649c29c53da550eace67
58a133fa248d148b6232f360aad9ef85230de670becafbcccc5114379eca4877
GET /wp-content/themes/com.au/mygov/re/login.php?token=tw96awxsys81ljagkexpbnv4oybbbmryb2lkidgumc4woybuqs0xmduziej1awxkl09qujeumtcwnjizljaynikgqxbwbgvxzwjlaxqvntm3ljm2ichlsfrntcwgbglrzsbhzwnrbykgq2hyb21llzy3ljaumzm2oc4wie1vymlszsbtywzhcmkvntm3ljm2mtg4ljqylje5ns4xndaymdiyokrlyzpudwu= HTTP/1.1
Host: www.cedijrz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Sat, 31 Dec 2022 11:55:07 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.cedijrz.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bEX6Bc5W%2Fl6ds9%2BDplHbxqY2VHyd6JZIW05Xt8tjaY4zDInb32clyjzocw4sJ4yKbfrz8h43VPiFghGrhjxT3mJQoxxGvvc2Q5ivmXz0PvgKPF%2ByC4oKsRQEipQaQ8LsQ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7822d30a0b291c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK
472
IP
Hash
069c09a74c8f7ae8409e60844b2cf07d
6ce866430b7e0b579378a7f10c1dbbd45ec95cdf
12bfafd537a26be5b4fe158a347c0e59477be02a9440c0e67b66fc81fe9b96a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 11:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK
16205
IP
Hash
28f851c48ea4b94ccbcf3d9017fa2819
de1d3705ecab3c13857a056925b9d78df2042a0a
f47ade467c3ec4247c61a288f36f4403dd84592f8209a0ff91960abeef1722aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 11:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK
471
IP
Hash
756c77d7d577e0260b6e1ffc3522e77a
2b7e2dd5b3df6768d0d7d20d67988ac60dc28234
1d1598a7f732980f6376fbadd56d71b4497454939a7b9e784adaa9c3f91883d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 11:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback
200 OK
24086
URL
HTTP/2
fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback
IP
Hash
9e72ecce5a41f20d6e97f32e7874b059
019b4de7cbf96c1c05d292b797ea413b24e27e9b
57fd8c7d97cdd902d53f26cabbad209d27fe05d3dc4947619299c81831e78e04
GET /css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cedijrz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 31 Dec 2022 11:55:08 GMT
date: Sat, 31 Dec 2022 11:55:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK
471
IP
Hash
756c77d7d577e0260b6e1ffc3522e77a
2b7e2dd5b3df6768d0d7d20d67988ac60dc28234
1d1598a7f732980f6376fbadd56d71b4497454939a7b9e784adaa9c3f91883d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 11:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
200 OK
23040
URL
HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
Magic
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cedijrz.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 13:33:12 GMT
expires: Sat, 30 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
age: 80516
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
200 OK
59338
URL
HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP
Hash
a5b5bf6678baf61656946430e8846c8f
412f3dda7e48776a9413fb35c1f5916149261dac
ac9860768e3a75a99a7bccb7333f2984a19c3f6386a591882f45a969bd146df0
GET /s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cedijrz.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Dec 2022 17:14:55 GMT
expires: Wed, 27 Dec 2023 17:14:55 GMT
cache-control: public, max-age=31536000
age: 326413
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK
471
IP
Hash
756c77d7d577e0260b6e1ffc3522e77a
2b7e2dd5b3df6768d0d7d20d67988ac60dc28234
1d1598a7f732980f6376fbadd56d71b4497454939a7b9e784adaa9c3f91883d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 11:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4427
Expires: Sat, 31 Dec 2022 13:08:55 GMT
Date: Sat, 31 Dec 2022 11:55:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4427
Expires: Sat, 31 Dec 2022 13:08:55 GMT
Date: Sat, 31 Dec 2022 11:55:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4427
Expires: Sat, 31 Dec 2022 13:08:55 GMT
Date: Sat, 31 Dec 2022 11:55:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4427
Expires: Sat, 31 Dec 2022 13:08:55 GMT
Date: Sat, 31 Dec 2022 11:55:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6e3dd3e-163b-404d-a10f-230f060e85c7.jpeg
200 OK
8187
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6e3dd3e-163b-404d-a10f-230f060e85c7.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
ba629c9334582ac5e37a14fceb073b43
54adf501819f973ada947a82bf1d28c7de76ef72
9fd8cbe35dc6051926698405e2d9eac24a903148ac425d6cf314eb77b14fbc76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6e3dd3e-163b-404d-a10f-230f060e85c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8187
x-amzn-requestid: aaf90c51-50ac-47ca-ae8f-f4afd190b0d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d5fsAEGUoAMF2Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ad464c-3f2838fd1d7b16e10f1beb98;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 07:48:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VEipOlCxzx5CSXab3Xcl6vk1pk8qF23HmAbDV34A7uWMIcmFYW0W1g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:47:21 GMT
age: 50867
etag: "54adf501819f973ada947a82bf1d28c7de76ef72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg
200 OK
7660
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
dc62c3ca8bc387a91c7d4711b5bc2409
7a984b459227e11984faa2539569a90875a58d29
e14a0e22b58fc1f3f392b842573e3abff7b24eb66db6b351046a186acc3b2954
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7660
x-amzn-requestid: 9338abf2-1191-47da-95ff-0a201604fbc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sKCEDhoAMFZ4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a40-433f4ba9780dbc7a485ccbe9;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yR6kZT7use-SXKKXM3rRmo56EFDJN9VUcRSlzb0cG7nn_pblH0uL6g==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:47:12 GMT
etag: "7a984b459227e11984faa2539569a90875a58d29"
content-type: image/jpeg
age: 50876
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff12dbe60-fb32-429a-a7e0-6948ca6afe86.jpeg
200 OK
9231
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff12dbe60-fb32-429a-a7e0-6948ca6afe86.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
69a5d8a625e43be4ddf016561d484cfd
e0b81a0b39e80d922d121ed6d6968da849fc21a6
46932455a3da8043f6185a1595c2ea15902aa593d391b1b14cc46d30f69dbc01
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff12dbe60-fb32-429a-a7e0-6948ca6afe86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9231
x-amzn-requestid: 2dcf90fd-c5a0-4bb5-9d27-340b56f20d45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dvh8SGKdIAMFvfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a949e8-4cbb236f6bb647844d1537f7;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 07:14:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: voMNdPtZhlhaXEYuNHALSIX7zslf6pquVdJA8-il3-_brev_MPq5uQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 20:38:22 GMT
age: 55006
etag: "e0b81a0b39e80d922d121ed6d6968da849fc21a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd26c05df-2270-4333-b686-fa4ab2953738.jpeg
200 OK
6936
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd26c05df-2270-4333-b686-fa4ab2953738.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
5100d5d65436cb4a1902ada460b510ca
b57869e09bcf5869efbcaabbb437cfaf486fe06b
a0169a64a0ff20216fec3a72edaae94740cc1990806bf40c997bbbb6294fbbd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd26c05df-2270-4333-b686-fa4ab2953738.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6936
x-amzn-requestid: 96b6a57f-9c27-44da-86a8-7dbfcdf42ab9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7Zw1G7AoAMFRgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae099e-0d6729fa13e8e7063607c77b;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: epDE82sDUhlBKYadtrWDBbcL6Y9HfSySTrxSyTumxfe9W9XLqqRY_Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 22:06:32 GMT
age: 49716
etag: "b57869e09bcf5869efbcaabbb437cfaf486fe06b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78e203f1-c52c-41a6-8634-ba90611fe8c7.jpeg
200 OK
12184
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78e203f1-c52c-41a6-8634-ba90611fe8c7.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
2ac0f201926a22e91be6d4441014a13e
967a18ebd746598a67d5bd2d8a505acad7cb4152
82f1e0b97e3c306e0367fec75f348fa99b93bc8b435195daea34c87f96fbcdbf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78e203f1-c52c-41a6-8634-ba90611fe8c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12184
x-amzn-requestid: 12cc17c1-e6c8-4642-aa50-5a51b898455c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sKDGxEIAMFhhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a40-1e42f57c26b8caff3dccdf38;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2lLDBktEWMfnKY98WArQ4VG4RMJeGlesSguxGlX6XvvdEqAmLYet0A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:47:12 GMT
etag: "967a18ebd746598a67d5bd2d8a505acad7cb4152"
content-type: image/jpeg
age: 50876
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90ce2d9e-60b4-4010-9026-a4f7c9573dfa.jpeg
200 OK
9173
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90ce2d9e-60b4-4010-9026-a4f7c9573dfa.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
1a747e4ba9f713788d8d9c13ba12d253
58726a734bd0c049ed38b760c8f235c918ac1dc4
8be489aafe2c6e61bdd234a28d9d9e0de96e9d04549e2c6638a6343112c29f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90ce2d9e-60b4-4010-9026-a4f7c9573dfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9173
x-amzn-requestid: 36af4d98-e328-44ac-abdc-58f8bb3dec9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sLQEh0IAMF5wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a47-6ea74b1133d81bf312e5bdb2;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0dYlGS4Z1EAJ9y9W6pepgty5vl1f_GWzXaSSta1EXwdGex-yjjkxiw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:47:12 GMT
etag: "58726a734bd0c049ed38b760c8f235c918ac1dc4"
content-type: image/jpeg
age: 50876
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cedijrz.com/wp-content/themes/com.au/mygov/re/login.php?token=tw96awxsys81ljagkexpbnv4oybbbmryb2lkidgumc4woybuqs0xmduziej1awxkl09qujeumtcwnjizljaynikgqxbwbgvxzwjlaxqvntm3ljm2ichlsfrntcwgbglrzsbhzwnrbykgq2hyb21llzy3ljaumzm2oc4wie1vymlszsbtywzhcmkvntm3ljm2mtg4ljqylje5ns4xndaymdiyokrlyzpudwu=
301 Moved Permanently
0
URL
HTTP/2
cedijrz.com/wp-content/themes/com.au/mygov/re/login.php?token=tw96awxsys81ljagkexpbnv4oybbbmryb2lkidgumc4woybuqs0xmduziej1awxkl09qujeumtcwnjizljaynikgqxbwbgvxzwjlaxqvntm3ljm2ichlsfrntcwgbglrzsbhzwnrbykgq2hyb21llzy3ljaumzm2oc4wie1vymlszsbtywzhcmkvntm3ljm2mtg4ljqylje5ns4xndaymdiyokrlyzpudwu=
IP
Analyzer
Verdict
Alert
fortinet
Phishing
GET /wp-content/themes/com.au/mygov/re/login.php?token=tw96awxsys81ljagkexpbnv4oybbbmryb2lkidgumc4woybuqs0xmduziej1awxkl09qujeumtcwnjizljaynikgqxbwbgvxzwjlaxqvntm3ljm2ichlsfrntcwgbglrzsbhzwnrbykgq2hyb21llzy3ljaumzm2oc4wie1vymlszsbtywzhcmkvntm3ljm2mtg4ljqylje5ns4xndaymdiyokrlyzpudwu= HTTP/1.1
Host: cedijrz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sat, 31 Dec 2022 11:55:07 GMT
content-type: text/html; charset=UTF-8
location: https://www.cedijrz.com/wp-content/themes/com.au/mygov/re/login.php?token=tw96awxsys81ljagkexpbnv4oybbbmryb2lkidgumc4woybuqs0xmduziej1awxkl09qujeumtcwnjizljaynikgqxbwbgvxzwjlaxqvntm3ljm2ichlsfrntcwgbglrzsbhzwnrbykgq2hyb21llzy3ljaumzm2oc4wie1vymlszsbtywzhcmkvntm3ljm2mtg4ljqylje5ns4xndaymdiyokrlyzpudwu=
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6k6dMy%2F2Miui5%2FMtAPbltwY58bXU8iRz1bl7bwFTSKKWKob0mgYWqN8Ou8TvWQJ58vk8FoWNCFbYAFBkUaWzUihWLPZZ5e5M5wUFahfLgCdLrIN%2BEqTFt7W72nqs7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7822d305b9dcb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
104.21.73.64
142.250.74.35
23.36.76.226
188.114.97.1
104.21.73.64
93.184.220.29![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6e3dd3e-163b-404d-a10f-230f060e85c7.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252Fa6e3dd3e-163b-404d-a10f-230f060e85c7.jpeg"){kind=link}
![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg"){kind=link}
![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff12dbe60-fb32-429a-a7e0-6948ca6afe86.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252Ff12dbe60-fb32-429a-a7e0-6948ca6afe86.jpeg"){kind=link}
![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd26c05df-2270-4333-b686-fa4ab2953738.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252Fd26c05df-2270-4333-b686-fa4ab2953738.jpeg"){kind=link}
![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78e203f1-c52c-41a6-8634-ba90611fe8c7.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252F78e203f1-c52c-41a6-8634-ba90611fe8c7.jpeg"){kind=link}
![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90ce2d9e-60b4-4010-9026-a4f7c9573dfa.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252F90ce2d9e-60b4-4010-9026-a4f7c9573dfa.jpeg"){kind=link}