Report - www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=http://specs.openid.net/auth/2.0&suppressSignInRadioButtons=1

Report Overview

Submitted URL
www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=http://specs.openid.net/auth/2.0&suppressSignInRadioButtons=1
IP
52.94.233.188
ASN
#16509 AMAZON-02
Submitted
2022-09-26 23:23:22
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.42.148.177
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	943 B	143.204.42.156
unagi.amazon.com	1350	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	652 B	52.94.233.61
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
www.na-amazon-creturns.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.9 kB	174 kB	52.94.233.188
fls-na.amazon.com	1217	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	432 B	35.168.195.206
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
images-na.ssl-images-amazon.com	842	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	13 kB	151.101.85.16
m.media-amazon.com	580	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	456 B	654 B	151.101.85.16

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-16	medium	www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=http://specs.openid.net/auth/2.0&suppressSignInRadioButtons=1	Amazon.com Inc.

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1	8.1 kB	2023-03-08	2023-03-08
Pretty URL www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:05:02 Last Seen2023-03-08 02:05:02 Times Seen1 Hash 6cbb2df8b6d89e181bbdca4660c0e027 d3749e6ebec70f1c8469b827f6564724bcd69a64 0502dcb55c1de1fcf966396bdc399ac42f5d1d63fd9494d76489d8766fcf02ed Loading...

	www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1	3.1 kB	2023-03-07	2024-04-09
Pretty URL www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:24 Last Seen2024-04-09 07:06:29 Times Seen243 Hash efe1e58df21018cb57ff8d489c67dc6b 7a9c103990b8d0c6b04d686b72d5821fb435f7ee 39ba1fe020ef9662d8c2daec7a3801b2aaeca471c0020afae1efdf2d551d2377 Loading...

	www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1	13 kB	2023-03-08	2023-03-08
Pretty URL www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:05:02 Last Seen2023-03-08 02:05:02 Times Seen1 Hash c520c089faf40f355f5e5494cc1063a0 786744884e2a8f513438fbcb5ee49c2a2ac6cd12 9762b8e28fd6e48aaf96e4dd64f5c4605916163c03c5d135b9057337318e1b11 Loading...

	www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1	2.4 kB	2023-03-07	2024-04-14
Pretty URL www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:02 Last Seen2024-04-14 06:18:50 Times Seen629 Hash a6a20bf890dd4f7b839e9d5c4123779b 32e743a4a2b3c6c6e9105c09029f1ccc0552f6e0 2b942943a366d20d9932ca71966e877c8da9749f6d27e57dd25d0f903c5481c1 Loading...

	www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1	58 B	2023-03-07	2023-03-08
Pretty URL www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:53 Last Seen2023-03-08 06:50:37 Times Seen1 Hash 60698cb29e79bd3da246bcef4dabacd2 3a561bf72fec16c7ee6e8dfe8576037e1b506281 ca0e83ac40d318d501065c7283e653f2c79932dc3d5afee4f5c16cc291809cfe Loading...

	www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1	29 B	2023-03-07	2024-04-19
Pretty URL www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:25 Last Seen2024-04-19 15:46:29 Times Seen2870 Hash a0db64d8520965f89004ad07885da245 17117a206b1cb810d433bce68cb7f60d90083189 6ca3a0b470aed20d90d0a9bf5b933c380bf826a8e6eb1620255a74c8e269cbd2 Loading...

	www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1	57 B	2023-03-08	2023-03-08
Pretty URL www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:05:02 Last Seen2023-03-08 02:05:02 Times Seen1 Hash 78b0560c64e96cf1b905df67dd29335a 04725c527247b27dba6b9b4d6f258e77ef5a0614 ee6b6a53c8cb693f35ef888ea0237a302c1bb1d4ceb8ab7f8f1b8a6da97fb81f Loading...

	www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1	57 B	2023-03-07	2024-04-09
Pretty URL www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:22 Last Seen2024-04-09 07:06:29 Times Seen248 Hash aacb0caf0aebb15f9920e4ca7d7113fc 798ef8c4b44d013c777756aef835fd26d571733c a88a4e94b6277b875f45e52ff40cd5af7b0782fa68f6babfa9a517dddbd59b82 Loading...

	www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1	58 B	2023-03-07	2023-03-29
Pretty URL www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:54 Last Seen2023-03-29 23:28:40 Times Seen3 Hash abf0ef24757aa27ac44d719f14847ddb 1e5b998f347870742452750673bb2de314534e0f 6f33dda4b0a2dcd9f449d1d6ee1eeb1395a1b333f250d97319b71f8f7c90bfc1 Loading...

	www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1	44 kB	2023-03-07	2023-03-08
Pretty URL www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=specs.openid.net/auth/2.0&suppressSignInRadioButtons=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:54 Last Seen2023-03-08 06:50:37 Times Seen1 Hash e961b76cb55e439022a6aa42b093d73f 66f5ac19e23dea3a04e287cc3084d252940efae3 6295766a2cffef7a0eb6000d7ef0ddf85b3160a7fdda8e1971cf8c4fcd09be4b Loading...

HTTP Transactions (33)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8262
Expires: Tue, 27 Sep 2022 01:40:54 GMT
Date: Mon, 26 Sep 2022 23:23:12 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 22:24:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3jwSdP9MLJuGnaqE-PzBpE5mBwIAUTP7h-HUcl8nVBI32H5RZhEm-g==
Age: 3548

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Cdr5ZuSI0jDKQ4-FDokcwACwFKb6rQwOyK20AKDsuMUMM2uDnFe_jQ==
age: 67677
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 23:23:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=http://specs.openid.net/auth/2.0&suppressSignInRadioButtons=1

52.94.233.188

404 Not Found

74 kB

URL HTTP/1.1
www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=http://specs.openid.net/auth/2.0&suppressSignInRadioButtons=1
IP
52.94.233.188:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (15649)
Size
74 kB (74081 bytes)
Hash
cdbaf5d0150297fb00ea222c54eb9988
f8bde39b4a1e130285e402122fc43c24b95c144e
607c2c7c5fc85c3acb0d5e2038df5b93cc711267b626e2a0d87b88b993305ee6

Detections

Analyzer	Verdict	Alert
openphish	Amazon.com Inc.

HTTP Headers

GET /ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=http://specs.openid.net/auth/2.0&suppressSignInRadioButtons=1 HTTP/1.1
Host: www.na-amazon-creturns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Server: Server
Date: Mon, 26 Sep 2022 23:23:12 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-rid: 9N4WHE1SPS25X7JBE51J
Set-Cookie: session-id=145-3795792-9322014; Domain=.na-amazon-creturns.com; Expires=Tue, 26-Sep-2023 23:23:12 GMT; Path=/; Secure
session-id-time=2294954592l; Domain=.na-amazon-creturns.com; Expires=Tue, 26-Sep-2023 23:23:12 GMT; Path=/; Secure
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
x-ua-compatible: IE=edge
Pragma: No-cache
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,User-Agent

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 26 Sep 2022 23:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 26 Sep 2022 23:54:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8tK_kkqhePvwM1uCt-aC9ArlZkqU1myy_Ae6fRmNzqY3EZrz6a4vzw==
Age: 747

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6290
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 23:23:13 GMT
Last-Modified: Mon, 26 Sep 2022 21:38:23 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

images-na.ssl-images-amazon.com/images/G/01/x-locale/common/errors-alerts/error-styles-ssl._CB485937077_.css

151.101.85.16

200 OK

492 B

URL HTTP/2
images-na.ssl-images-amazon.com/images/G/01/x-locale/common/errors-alerts/error-styles-ssl._CB485937077_.css
IP
151.101.85.16:0
ASN
#54113 FASTLY

File type
ASCII text, with CRLF line terminators
Size
492 B (492 bytes)
Hash
aa17f19d0739ce79e17dff087b2eddc8
e47ae7aba5044c34aad92768997211ac10990c17
2a08ffb9ad24ee8b769e1a10f658186208ff989a05f75e391e62b4851af244aa

HTTP Headers

GET /images/G/01/x-locale/common/errors-alerts/error-styles-ssl._CB485937077_.css HTTP/1.1
Host: images-na.ssl-images-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.na-amazon-creturns.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
x-amz-ir-id: d801cd4b-b8b1-4c55-90f8-5afd9b524ae5
expires: Mon, 24 Mar 2042 14:09:30 GMT
cache-control: max-age=630720000,public
timing-allow-origin: https://www.amazon.com
access-control-allow-origin: *
last-modified: Fri, 07 Aug 2009 22:35:25 GMT
x-nginx-cache-status: HIT
content-encoding: br
accept-ranges: bytes
date: Mon, 26 Sep 2022 23:23:13 GMT
age: 2398310
x-served-by: cache-iad-kiad7000108-IAD, cache-bma1624-BMA
vary: Accept-Encoding
x-cache: HIT from fastly, HIT from fastly
server-timing: provider;desc="fy"
content-length: 492
X-Firefox-Spdy: h2

images-na.ssl-images-amazon.com/images/G/01/x-locale/common/amazon-logo._CB485948382_.gif

151.101.85.16

200 OK

2.8 kB

URL HTTP/2
images-na.ssl-images-amazon.com/images/G/01/x-locale/common/amazon-logo._CB485948382_.gif
IP
151.101.85.16:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 140 x 30\012- data
Size
2.8 kB (2834 bytes)
Hash
642a646b8977280891a724a81db230de
d36e1762fa6d88e3fd022d538a4ccd07603cc94c
89074c2d536640df53aeaf95e9a461b2d07c39075b317e7bbc56932b567cb00e

HTTP Headers

GET /images/G/01/x-locale/common/amazon-logo._CB485948382_.gif HTTP/1.1
Host: images-na.ssl-images-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.na-amazon-creturns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/gif
x-amz-ir-id: 584db044-43a1-496f-a309-5f42295c2bae
expires: Mon, 08 Sep 2042 16:24:07 GMT
cache-control: max-age=630720000,public
timing-allow-origin: https://www.amazon.com
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2010 15:52:42 GMT
x-nginx-cache-status: MISS
accept-ranges: bytes
date: Mon, 26 Sep 2022 23:23:13 GMT
age: 1148346
x-served-by: cache-iad-kjyo7100095-IAD, cache-bma1624-BMA
x-cache: HIT from fastly, HIT from fastly
server-timing: provider;desc="fy"
content-length: 2834
X-Firefox-Spdy: h2

images-na.ssl-images-amazon.com/images/G/01/x-locale/common/orange-arrow._CB485935489_.gif

151.101.85.16

200 OK

57 B

URL HTTP/2
images-na.ssl-images-amazon.com/images/G/01/x-locale/common/orange-arrow._CB485935489_.gif
IP
151.101.85.16:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 10 x 9\012- data
Size
57 B (57 bytes)
Hash
6d2f9a0f392c02735ab2faf6bc859c52
ba24be86d759dd8e3c0c68b8accf5a21c95629eb
21d6cfdfe556880246bed731e16eca3be533d89161253799c936b1cfc623de05

HTTP Headers

GET /images/G/01/x-locale/common/orange-arrow._CB485935489_.gif HTTP/1.1
Host: images-na.ssl-images-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.na-amazon-creturns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/gif
x-amz-ir-id: 6139f9e8-d50f-4928-b124-171a9dabb5db
expires: Sun, 24 Aug 2042 13:11:17 GMT
cache-control: max-age=630720000,public
timing-allow-origin: https://www.amazon.com
access-control-allow-origin: *
last-modified: Wed, 02 Jun 2010 17:02:57 GMT
x-nginx-cache-status: MISS
accept-ranges: bytes
date: Mon, 26 Sep 2022 23:23:13 GMT
age: 2455915
x-served-by: cache-iad-kjyo7100169-IAD, cache-bma1624-BMA
x-cache: HIT from fastly, HIT from fastly
server-timing: provider;desc="fy"
content-length: 57
X-Firefox-Spdy: h2

images-na.ssl-images-amazon.com/images/G/01/associates/question-mark._CB485935160_.gif

151.101.85.16

200 OK

508 B

URL HTTP/2
images-na.ssl-images-amazon.com/images/G/01/associates/question-mark._CB485935160_.gif
IP
151.101.85.16:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 40 x 35\012- data
Size
508 B (508 bytes)
Hash
379b52d455257a2098d78654c9c1fa38
734639430cf055f2de7b1e8c8bae944cf1d87a43
03fe21bde7fdf6b9415764aaa36673650f9cf9cd07a3ff22fd8ccc3a298ed6ac

HTTP Headers

GET /images/G/01/associates/question-mark._CB485935160_.gif HTTP/1.1
Host: images-na.ssl-images-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.na-amazon-creturns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/gif
x-amz-ir-id: b745af48-2272-4825-b2be-42e085227d15
expires: Mon, 01 Sep 2042 14:15:43 GMT
cache-control: max-age=630720000,public
timing-allow-origin: https://www.amazon.com
access-control-allow-origin: *
last-modified: Wed, 02 Jun 2010 17:00:05 GMT
x-nginx-cache-status: MISS
accept-ranges: bytes
date: Mon, 26 Sep 2022 23:23:13 GMT
age: 1760850
x-served-by: cache-iad-kjyo7100023-IAD, cache-bma1624-BMA
x-cache: HIT from fastly, HIT from fastly
server-timing: provider;desc="fy"
content-length: 508
X-Firefox-Spdy: h2

images-na.ssl-images-amazon.com/images/G/01/authportal/common/css/ap_global._CB485967074_.css

151.101.85.16

200 OK

6.0 kB

URL HTTP/2
images-na.ssl-images-amazon.com/images/G/01/authportal/common/css/ap_global._CB485967074_.css
IP
151.101.85.16:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (786), with CRLF, LF line terminators
Size
6.0 kB (6011 bytes)
Hash
309fdb497ef2e7d6afd19f1181dcfa8a
60b75b584dcd4ff116785969264a30b630ede732
c42b370858d24a06450aa24abd6cd064cf979f3aae756571f7f1db7408db955f

HTTP Headers

GET /images/G/01/authportal/common/css/ap_global._CB485967074_.css HTTP/1.1
Host: images-na.ssl-images-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.na-amazon-creturns.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
x-amz-ir-id: b1e0cf3e-24b3-40fd-b8e9-e7355bfa91a3
expires: Thu, 27 Mar 2042 09:05:54 GMT
cache-control: max-age=630720000,public
timing-allow-origin: https://www.amazon.com
access-control-allow-origin: *
last-modified: Fri, 27 Jun 2014 00:54:18 GMT
x-nginx-cache-status: HIT
content-encoding: br
accept-ranges: bytes
date: Mon, 26 Sep 2022 23:23:13 GMT
age: 2379902
x-served-by: cache-iad-kcgs7200095-IAD, cache-bma1624-BMA
vary: Accept-Encoding
x-cache: HIT from fastly, HIT from fastly
server-timing: provider;desc="fy"
content-length: 6011
X-Firefox-Spdy: h2

m.media-amazon.com/images/G/01/csm/showads.v2.js?adtag=csm&adflag=-google-adsense.

151.101.85.16

200 OK

28 B

URL HTTP/2
m.media-amazon.com/images/G/01/csm/showads.v2.js?adtag=csm&adflag=-google-adsense.
IP
151.101.85.16:0
ASN
#54113 FASTLY

File type
ASCII text
Size
28 B (28 bytes)
Hash
6d355197591570cee568ab636183c16e
0b188f7c91a79519727a25ce3cb4e997f187be43
f245f3dbd4291746d1e44363529f7cb3851a2780c01d8bcdd3c5e080a0009494

HTTP Headers

GET /images/G/01/csm/showads.v2.js?adtag=csm&adflag=-google-adsense. HTTP/1.1
Host: m.media-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.na-amazon-creturns.com/
Origin: https://www.na-amazon-creturns.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
x-amz-ir-id: de9abd09-6653-4dcd-9034-5ad0fff254d7
expires: Wed, 31 Aug 2022 02:24:33 GMT
cache-control: max-age=86400,public
timing-allow-origin: https://www.amazon.com
access-control-allow-origin: *
last-modified: Mon, 28 Nov 2016 08:22:04 GMT
x-nginx-cache-status: HIT
content-encoding: br
accept-ranges: bytes
date: Mon, 26 Sep 2022 23:23:13 GMT
age: 29080
x-served-by: cache-iad-kcgs7200030-IAD, cache-bma1680-BMA
vary: Accept-Encoding
x-cache: HIT from fastly, HIT from fastly
server-timing: provider;desc="fy"
content-length: 28
X-Firefox-Spdy: h2

www.na-amazon-creturns.com/favicon.ico

52.94.233.188

302 Found

0 B

URL HTTP/1.1
www.na-amazon-creturns.com/favicon.ico
IP
52.94.233.188:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.na-amazon-creturns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=http://specs.openid.net/auth/2.0&suppressSignInRadioButtons=1
Cookie: session-id=145-3795792-9322014; session-id-time=2294954592l; csm-hit=tb:s-9N4WHE1SPS25X7JBE51J|1664234591184&t:1664234591193
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: Server
Date: Mon, 26 Sep 2022 23:23:13 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: EZ69NF53MP2HB30740DT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy-Report-Only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=123-456-7890:rid=EZ69NF53MP2HB30740DT:sn=www.na-amazon-creturns.com
Location: https://www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https%3A%2F%2Fwww.na-amazon-creturns.com%2Ffavicon.ico&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&pageId=FCCustomerReturns&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&suppressSignInRadioButtons=1
Vary: Content-Type,Accept-Encoding,User-Agent

push.services.mozilla.com/

52.42.148.177

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.148.177:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SCGVj8UQdgyvhwXNsbhQmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mfsgxWqPlyTam3yoUC/vytXmpDs=

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0b9736d4aef62507534f22adeb5b9384
8dd62726abb049f9f59851e5bfd7bac198961f5b
66a2d7c30d25788d9a55aceb6c13f0a8b14d750aa7cbde5f451a31442d822142

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 23:23:13 GMT
Last-Modified: Mon, 26 Sep 2022 23:13:40 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iONtcxH64h9hV0CrivvLwNm8tHqBKbFxsu390WDtDDNSDrYKl5_row==
Age: 573

www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https%3A%2F%2Fwww.na-amazon-creturns.com%2Ffavicon.ico&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&pageId=FCCustomerReturns&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&suppressSignInRadioButtons=1

52.94.233.188

200 OK

97 kB

URL HTTP/1.1
www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https%3A%2F%2Fwww.na-amazon-creturns.com%2Ffavicon.ico&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&pageId=FCCustomerReturns&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&suppressSignInRadioButtons=1
IP
52.94.233.188:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12649), with CRLF, LF line terminators
Size
97 kB (96637 bytes)
Hash
4c5f219f88583a8a077a1842014c262d
2a7fa0de75080d7bb0f067dbba16be326bd5ba0e
884c59418cd14be374ee0ad674dd5c9bf7a3c1d3622e8ccf78f1c7651aa953e3

HTTP Headers

GET /ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https%3A%2F%2Fwww.na-amazon-creturns.com%2Ffavicon.ico&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&pageId=FCCustomerReturns&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&suppressSignInRadioButtons=1 HTTP/1.1
Host: www.na-amazon-creturns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=http://specs.openid.net/auth/2.0&suppressSignInRadioButtons=1
Connection: keep-alive
Cookie: session-id=145-3795792-9322014; session-id-time=2294954592l; csm-hit=tb:s-9N4WHE1SPS25X7JBE51J|1664234591184&t:1664234591193
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: Server
Date: Mon, 26 Sep 2022 23:23:13 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-rid: Y4BNQNHPQHJH55TPQSYY
Set-Cookie: ap-fid=""; Domain=.na-amazon-creturns.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ap/; Secure
session-id=145-3795792-9322014; Domain=.na-amazon-creturns.com; Expires=Tue, 26-Sep-2023 23:23:13 GMT; Path=/; Secure
session-id-time=2294954593l; Domain=.na-amazon-creturns.com; Expires=Tue, 26-Sep-2023 23:23:13 GMT; Path=/; Secure
ubid-main=130-1662130-0504837; Domain=.na-amazon-creturns.com; Expires=Tue, 26-Sep-2023 23:23:13 GMT; Path=/; Secure
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-ua-compatible: IE=edge
Pragma: No-cache
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,User-Agent

fls-na.amazon.com/1/batch/1/OP/A1YOV8979VXAH1:145-3795792-9322014:9N4WHE1SPS25X7JBE51J$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3D9N4WHE1SPS25X7JBE51J:0

35.168.195.206

200 OK

43 B

URL HTTP/2
fls-na.amazon.com/1/batch/1/OP/A1YOV8979VXAH1:145-3795792-9322014:9N4WHE1SPS25X7JBE51J$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3D9N4WHE1SPS25X7JBE51J:0
IP
35.168.195.206:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
e68cc604cab69bf03b8cd228d940f5ef
15c0c62c4c7c917b5dd82a8e1e439211a44b9e98
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

HTTP Headers

GET /1/batch/1/OP/A1YOV8979VXAH1:145-3795792-9322014:9N4WHE1SPS25X7JBE51J$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3D9N4WHE1SPS25X7JBE51J:0 HTTP/1.1
Host: fls-na.amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.na-amazon-creturns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:23:13 GMT
content-type: image/gif
content-length: 43
x-amzn-requestid: 507472cb-83eb-411f-9524-57c26f4f661b
X-Firefox-Spdy: h2

www.na-amazon-creturns.com/ap/uedata?ld&v=0.229559.0&id=9N4WHE1SPS25X7JBE51J&sw=1280&sh=1024&vw=1280&vh=939&m=1&sc=9N4WHE1SPS25X7JBE51J&ue=4&bb=267&be=285&fcp=331&pc=770&tc=-594&na_=-594&ul_=-1664234590927&_ul=-1664234590927&rd_=-1664234590927&_rd=-1664234590927&fe_=-595&lk_=-575&_lk=-569&co_=-569&_co=-272&sc_=-470&rq_=-272&rs_=-79&_rs=-79&dl_=-11&di_=303&de_=320&_de=323&_dc=768&ld_=769&_ld=-1664234590927&ntd=0&ty=0&rc=0&hob=1&hoe=4&ld=771&t=1664234591698&ctb=1&rt=__ld:8-0-2-4-4-0-1&csmtags=fls-na-amazon-com|adblk_no&viz=visible:3&pty=AuthenticationPortal&spty=Error404Page&pti=undefined&tid=9N4WHE1SPS25X7JBE51J&aftb=1

52.94.233.188

400 Bad Request

0 B

URL HTTP/1.1
www.na-amazon-creturns.com/ap/uedata?ld&v=0.229559.0&id=9N4WHE1SPS25X7JBE51J&sw=1280&sh=1024&vw=1280&vh=939&m=1&sc=9N4WHE1SPS25X7JBE51J&ue=4&bb=267&be=285&fcp=331&pc=770&tc=-594&na_=-594&ul_=-1664234590927&_ul=-1664234590927&rd_=-1664234590927&_rd=-1664234590927&fe_=-595&lk_=-575&_lk=-569&co_=-569&_co=-272&sc_=-470&rq_=-272&rs_=-79&_rs=-79&dl_=-11&di_=303&de_=320&_de=323&_dc=768&ld_=769&_ld=-1664234590927&ntd=0&ty=0&rc=0&hob=1&hoe=4&ld=771&t=1664234591698&ctb=1&rt=__ld:8-0-2-4-4-0-1&csmtags=fls-na-amazon-com|adblk_no&viz=visible:3&pty=AuthenticationPortal&spty=Error404Page&pti=undefined&tid=9N4WHE1SPS25X7JBE51J&aftb=1
IP
52.94.233.188:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ap/uedata?ld&v=0.229559.0&id=9N4WHE1SPS25X7JBE51J&sw=1280&sh=1024&vw=1280&vh=939&m=1&sc=9N4WHE1SPS25X7JBE51J&ue=4&bb=267&be=285&fcp=331&pc=770&tc=-594&na_=-594&ul_=-1664234590927&_ul=-1664234590927&rd_=-1664234590927&_rd=-1664234590927&fe_=-595&lk_=-575&_lk=-569&co_=-569&_co=-272&sc_=-470&rq_=-272&rs_=-79&_rs=-79&dl_=-11&di_=303&de_=320&_de=323&_dc=768&ld_=769&_ld=-1664234590927&ntd=0&ty=0&rc=0&hob=1&hoe=4&ld=771&t=1664234591698&ctb=1&rt=__ld:8-0-2-4-4-0-1&csmtags=fls-na-amazon-com|adblk_no&viz=visible:3&pty=AuthenticationPortal&spty=Error404Page&pti=undefined&tid=9N4WHE1SPS25X7JBE51J&aftb=1 HTTP/1.1
Host: www.na-amazon-creturns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.na-amazon-creturns.com/ap/signin?clientContext=FCCustomerReturns.Authenticate&openid.return_to=https://www.na-amazon-creturns.com/prepClassification/new&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=amzn_returns_na&openid.mode=checkid_setup&marketPlaceId=A1YOV8979VXAH1&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&pageId=FCCustomerReturns&openid.ns=http://specs.openid.net/auth/2.0&suppressSignInRadioButtons=1
Cookie: session-id=145-3795792-9322014; session-id-time=2294954593l; csm-hit=tb:s-9N4WHE1SPS25X7JBE51J|1664234591184&t:1664234591399&adb:adblk_no; ubid-main=130-1662130-0504837
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 400 Bad Request
Server: Server
Date: Mon, 26 Sep 2022 23:23:13 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: RWVN9409GYZSH6K7X1KJ
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
x-ua-compatible: IE=edge
Vary: Content-Type,Accept-Encoding,User-Agent

fls-na.amazon.com/1/batch/1/OP/A1YOV8979VXAH1:145-3795792-9322014:9N4WHE1SPS25X7JBE51J$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.229559.0%26id%3D9N4WHE1SPS25X7JBE51J%26sw%3D1280%26sh%3D1024%26vw%3D1280%26vh%3D939%26m%3D1%26sc%3D9N4WHE1SPS25X7JBE51J%26ue%3D4%26bb%3D267%26be%3D285%26fcp%3D331%26pc%3D770%26tc%3D-594%26na_%3D-594%26ul_%3D-1664234590927%26_ul%3D-1664234590927%26rd_%3D-1664234590927%26_rd%3D-1664234590927%26fe_%3D-595%26lk_%3D-575%26_lk%3D-569%26co_%3D-569%26_co%3D-272%26sc_%3D-470%26rq_%3D-272%26rs_%3D-79%26_rs%3D-79%26dl_%3D-11%26di_%3D303%26de_%3D320%26_de%3D323%26_dc%3D768%26ld_%3D769%26_ld%3D-1664234590927%26ntd%3D0%26ty%3D0%26rc%3D0%26hob%3D1%26hoe%3D4%26ld%3D771%26t%3D1664234591698%26ctb%3D1%26rt%3D__ld%3A8-0-2-4-4-0-1%26csmtags%3Dfls-na-amazon-com%7Cadblk_no%26viz%3Dvisible%3A3%26pty%3DAuthenticationPortal%26spty%3DError404Page%26pti%3Dundefined%26tid%3D9N4WHE1SPS25X7JBE51J%26aftb%3D1:779

35.168.195.206

200 OK

43 B

URL HTTP/2
fls-na.amazon.com/1/batch/1/OP/A1YOV8979VXAH1:145-3795792-9322014:9N4WHE1SPS25X7JBE51J$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.229559.0%26id%3D9N4WHE1SPS25X7JBE51J%26sw%3D1280%26sh%3D1024%26vw%3D1280%26vh%3D939%26m%3D1%26sc%3D9N4WHE1SPS25X7JBE51J%26ue%3D4%26bb%3D267%26be%3D285%26fcp%3D331%26pc%3D770%26tc%3D-594%26na_%3D-594%26ul_%3D-1664234590927%26_ul%3D-1664234590927%26rd_%3D-1664234590927%26_rd%3D-1664234590927%26fe_%3D-595%26lk_%3D-575%26_lk%3D-569%26co_%3D-569%26_co%3D-272%26sc_%3D-470%26rq_%3D-272%26rs_%3D-79%26_rs%3D-79%26dl_%3D-11%26di_%3D303%26de_%3D320%26_de%3D323%26_dc%3D768%26ld_%3D769%26_ld%3D-1664234590927%26ntd%3D0%26ty%3D0%26rc%3D0%26hob%3D1%26hoe%3D4%26ld%3D771%26t%3D1664234591698%26ctb%3D1%26rt%3D__ld%3A8-0-2-4-4-0-1%26csmtags%3Dfls-na-amazon-com%7Cadblk_no%26viz%3Dvisible%3A3%26pty%3DAuthenticationPortal%26spty%3DError404Page%26pti%3Dundefined%26tid%3D9N4WHE1SPS25X7JBE51J%26aftb%3D1:779
IP
35.168.195.206:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
e68cc604cab69bf03b8cd228d940f5ef
15c0c62c4c7c917b5dd82a8e1e439211a44b9e98
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

HTTP Headers

GET /1/batch/1/OP/A1YOV8979VXAH1:145-3795792-9322014:9N4WHE1SPS25X7JBE51J$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.229559.0%26id%3D9N4WHE1SPS25X7JBE51J%26sw%3D1280%26sh%3D1024%26vw%3D1280%26vh%3D939%26m%3D1%26sc%3D9N4WHE1SPS25X7JBE51J%26ue%3D4%26bb%3D267%26be%3D285%26fcp%3D331%26pc%3D770%26tc%3D-594%26na_%3D-594%26ul_%3D-1664234590927%26_ul%3D-1664234590927%26rd_%3D-1664234590927%26_rd%3D-1664234590927%26fe_%3D-595%26lk_%3D-575%26_lk%3D-569%26co_%3D-569%26_co%3D-272%26sc_%3D-470%26rq_%3D-272%26rs_%3D-79%26_rs%3D-79%26dl_%3D-11%26di_%3D303%26de_%3D320%26_de%3D323%26_dc%3D768%26ld_%3D769%26_ld%3D-1664234590927%26ntd%3D0%26ty%3D0%26rc%3D0%26hob%3D1%26hoe%3D4%26ld%3D771%26t%3D1664234591698%26ctb%3D1%26rt%3D__ld%3A8-0-2-4-4-0-1%26csmtags%3Dfls-na-amazon-com%7Cadblk_no%26viz%3Dvisible%3A3%26pty%3DAuthenticationPortal%26spty%3DError404Page%26pti%3Dundefined%26tid%3D9N4WHE1SPS25X7JBE51J%26aftb%3D1:779 HTTP/1.1
Host: fls-na.amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.na-amazon-creturns.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:23:13 GMT
content-type: image/gif
content-length: 43
x-amzn-requestid: 792d28a3-308c-4e98-acc4-040e8c0e63dd
X-Firefox-Spdy: h2

unagi.amazon.com/1/events/com.amazon.csm.csa.prod

52.94.233.61

200

22 B

URL HTTP/1.1
unagi.amazon.com/1/events/com.amazon.csm.csa.prod
IP
52.94.233.61:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
49fced5a15e8763d46199088fad93fca
8b3f69bdb1250e55ab9968a157416c8968369ec3
09819ee7c805183bdc1c2cb02e46b868c31b426baa5bbede8b56ae6163af04be

HTTP Headers

POST /1/events/com.amazon.csm.csa.prod HTTP/1.1
Host: unagi.amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 8355
Origin: https://www.na-amazon-creturns.com
Connection: keep-alive
Referer: https://www.na-amazon-creturns.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
Server: Server
Date: Mon, 26 Sep 2022 23:23:14 GMT
Content-Type: application/json
Content-Length: 22
Connection: keep-alive
x-amz-rid: 739QNE6HW5MCKAR0KJ2P
x-amzn-RequestId: 25871079-d4c8-4f7e-bca4-4968fb78d520
Content-Encoding: gzip
Vary: Content-Type,Accept-Encoding,User-Agent

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10783
Expires: Tue, 27 Sep 2022 02:22:57 GMT
Date: Mon, 26 Sep 2022 23:23:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10783
Expires: Tue, 27 Sep 2022 02:22:57 GMT
Date: Mon, 26 Sep 2022 23:23:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10783
Expires: Tue, 27 Sep 2022 02:22:57 GMT
Date: Mon, 26 Sep 2022 23:23:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10783
Expires: Tue, 27 Sep 2022 02:22:57 GMT
Date: Mon, 26 Sep 2022 23:23:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10783
Expires: Tue, 27 Sep 2022 02:22:57 GMT
Date: Mon, 26 Sep 2022 23:23:14 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7128 bytes)
Hash
4197a8a505b360b0c43142faf8cb7f48
4dbd2da7f7c45a97e3f6f6544ed428e892227cc3
434039a91ec37c8ff827c78f7613aa4f6416ded182b01140048a52654a2de4ce

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7128
x-amzn-requestid: 5806782b-498e-427b-be73-a94695e3cacf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlPfFn4IAMFwMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bfc-07a420d631e463286c1dafa0;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:08 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dVs6mb-XGvvd4DXu8yFwO11iheR3QU3O3jFpxjcHZnWCc6jlXpx0Rg==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:51:54 GMT
age: 5480
etag: "4dbd2da7f7c45a97e3f6f6544ed428e892227cc3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a2c481a-abce-43aa-89a3-95cd7559102c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6518 bytes)
Hash
b1f571f5fdf5233ffa70132a4504d4fe
1b5f002272083d5e19b5bd18d503f49635b771e5
4563ffe63e1d043c159648a72d9f4c59a3b0fe40379254848a52c11a4f1a6511

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a2c481a-abce-43aa-89a3-95cd7559102c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6518
x-amzn-requestid: d4a26d13-5318-4491-8aec-4c5c738d3254
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y_HlsHzmoAMFl3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f8624-1baed38e2c89933e66870f2f;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 22:35:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FoSurbU0rYpw1-0snI2b3EC_t2HkfMZpoYnKX6KqFosBv23z4BJCLg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:32:27 GMT
age: 35447
etag: "1b5f002272083d5e19b5bd18d503f49635b771e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11881 bytes)
Hash
91d97447a6a35813e57d942f685544c4
3b660de9902fbfcf2efb477f40480b08545ebc5f
08c1ea19c4918273da12c9a2e962edf4463c486a30f60c8a279a45e5edcf972a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11881
x-amzn-requestid: 4562e550-9c0f-407b-be2a-3c5d8901d444
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2apSEPuIAMF5TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c0b08-5c5f052f146d25a7190412d1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:13:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EAiLlHN2h6EPX0idrlQG4TIyGBMt_In0_Tpy79foal99j4xoRasO-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:23:49 GMT
age: 3565
etag: "3b660de9902fbfcf2efb477f40480b08545ebc5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7716 bytes)
Hash
8ef8d9284ebd57a7cf76ceb762291356
2b53c4f836970501a682dae07235215c487d35cc
3529ab97ab2214ee9c67ee234beac96cd40f0bd6092b92b71c60956ed5710b41

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7716
x-amzn-requestid: 1cf0b1c7-4611-40bf-b72a-412ebd03ef79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2KguFL7IAMFzKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf137-2b7c15d3071e0266586fd17d;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 05:23:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5XZZKUgjmv2njI3xAPo57u0fBKEGqPmMUcWxHYzoSAaVjIIA2Oi0Aw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:03:16 GMT
age: 4798
etag: "2b53c4f836970501a682dae07235215c487d35cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8255 bytes)
Hash
fa70ece15044b7318cb11ae5e37a64e7
04a0665f771562c3e56ac3542abe5bd3c4c1a6b5
8c974283b2ba0058114404af3e4818daa8cc56f270cb8a46f5f2f54de9d2f0e1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8255
x-amzn-requestid: 3bf29c4a-406a-4645-ad18-44cd6f05d457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VnFEV-IAMFQMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfc6-3eaa337d1e1c1b6d5e951419;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qkOlqM6tJ90H9572YLE0J-s79edBSceM5hLbJtyyuH86xdW8juoktA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:28:31 GMT
age: 35683
etag: "04a0665f771562c3e56ac3542abe5bd3c4c1a6b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6487 bytes)
Hash
e88b78ede0e4583585d6bb805fb39470
edff303440c5972381295b4b2602bd3f77f6702a
ce55a1ff5c71ec43884b74a08cd32ef75cb0632a91f3fe8b150f5ead499375a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6487
x-amzn-requestid: cd11b94b-24be-4e6d-bce3-a480b2c1cc23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDWDQEYAIAMFetw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633136e1-5fcb76b5408fdfa20ec55dd8;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 05:21:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GcEH02ZlJM-8wUvNf7K7rK7f1cs6_m4i9UYUNxXUGzcDTEz74JH3cA==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:59:28 GMT
age: 5026
etag: "edff303440c5972381295b4b2602bd3f77f6702a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

unagi.amazon.com/1/events/com.amazon.csm.csa.prod

52.94.233.61

200

22 B

URL HTTP/1.1
unagi.amazon.com/1/events/com.amazon.csm.csa.prod
IP
52.94.233.61:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
49fced5a15e8763d46199088fad93fca
8b3f69bdb1250e55ab9968a157416c8968369ec3
09819ee7c805183bdc1c2cb02e46b868c31b426baa5bbede8b56ae6163af04be

HTTP Headers

POST /1/events/com.amazon.csm.csa.prod HTTP/1.1
Host: unagi.amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3446
Origin: https://www.na-amazon-creturns.com
Connection: keep-alive
Referer: https://www.na-amazon-creturns.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
Server: Server
Date: Mon, 26 Sep 2022 23:23:19 GMT
Content-Type: application/json
Content-Length: 22
Connection: keep-alive
x-amz-rid: Z3M697S54FASFK4N8T9C
x-amzn-RequestId: 47098b10-c6f3-4438-aeb2-e5e974da20c3
Content-Encoding: gzip
Vary: Content-Type,Accept-Encoding,User-Agent

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations