urlquery - report: 104.248.198.151/f/xs.arm6

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	Sent bytes	Received bytes	IP
104.248.198.151 (20)	0	2019-01-02T09:04:16Z	2019-01-04T10:35:14Z	6502	304609	104.248.198.151
r3.o.lencr.org (8)	344	2020-12-02T09:52:13Z	2023-03-26T05:09:13Z	2704	7094	23.33.119.27
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-26T05:09:18Z	782	2372	35.241.9.150
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413	5882	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333	391	34.117.237.239
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606	127	54.191.108.210
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3246	55924	34.120.237.76

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-23 05:25:21 UTC	medium	Client IP	104.248.198.151	ET HUNTING Suspicious GET Request for .arm file File

Scan Date	Severity	Indicator	Comment
2023-03-23	medium	104.248.198.151/f/xs.arm6	Malware

Scan Date	Severity	Indicator	Comment
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed
2023-03-23	medium	104.248.198.151	Sinkholed

Date	UQ / IDS / BL	URL	IP
2023-03-31 08:46:29 UTC	0 - 3 - 23	104.248.198.151/f/xs.x86	104.248.198.151
2023-03-29 10:10:25 UTC	0 - 2 - 23	104.248.198.151/f/xs.mips	104.248.198.151
2023-03-29 08:53:27 UTC	0 - 3 - 22	104.248.198.151/f/xs.x86	104.248.198.151
2023-03-27 02:56:03 UTC	0 - 3 - 20	104.248.198.151/f/xs.x86	104.248.198.151
2023-03-25 10:34:18 UTC	0 - 1 - 23	104.248.198.151/f/xs.ppc	104.248.198.151

Date	UQ / IDS / BL	URL	IP
2023-06-07 05:26:11 UTC	0 - 0 - 1	159.89.235.202/	159.89.235.202
2023-06-07 05:14:04 UTC	0 - 0 - 1	178.62.239.209/wp-content/fidelity.com.incomn (...)	178.62.239.209
2023-06-07 05:13:44 UTC	0 - 0 - 1	178.62.239.209/wp-content/fidelity.com.incomn (...)	178.62.239.209
2023-06-07 04:55:54 UTC	0 - 0 - 0	offer.affimotion.com	167.99.36.180
2023-06-07 04:53:37 UTC	0 - 1 - 0	remotetools.tech2u.com/BCUninstaller.exe	159.203.225.195

Date	UQ / IDS / BL	URL	IP
2023-03-31 08:46:29 UTC	0 - 3 - 23	104.248.198.151/f/xs.x86	104.248.198.151
2023-03-29 10:10:25 UTC	0 - 2 - 23	104.248.198.151/f/xs.mips	104.248.198.151
2023-03-29 08:53:27 UTC	0 - 3 - 22	104.248.198.151/f/xs.x86	104.248.198.151
2023-03-27 02:56:03 UTC	0 - 3 - 20	104.248.198.151/f/xs.x86	104.248.198.151
2023-03-25 10:34:18 UTC	0 - 1 - 23	104.248.198.151/f/xs.ppc	104.248.198.151

Date	UQ / IDS / BL	URL	IP
2023-03-31 08:46:29 UTC	0 - 3 - 23	104.248.198.151/f/xs.x86	104.248.198.151
2023-03-29 08:53:27 UTC	0 - 3 - 22	104.248.198.151/f/xs.x86	104.248.198.151
2023-03-27 02:56:03 UTC	0 - 3 - 20	104.248.198.151/f/xs.x86	104.248.198.151
2023-03-25 10:34:18 UTC	0 - 1 - 23	104.248.198.151/f/xs.ppc	104.248.198.151
2023-03-25 08:54:32 UTC	0 - 3 - 23	104.248.198.151/f/xs.x86	104.248.198.151

HTTP Transactions (39)

Request	Response
GET /f/xs.arm6 HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	104.248.198.151 HTTP/1.1 200 Content-Type: text/html;charset=utf-8 Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:14 GMT Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: no-cache, no-store, must-revalidate Content-Encoding: gzip Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43281) Size: 10072 Md5: 4e37d731be022cdc3e4fb3d8867d6f67 Sha1: 7e3f1d2cf64037ba0da3bf8f5b94eeb72cad2185 Sha256: f0505ee0689ebda4bdf559b48804d22c6c8ce0869d79a6366cee8674fb7f886b Blocklists: - fortinet: Malware - quad9: Sinkholed IDS: - ET HUNTING Suspicious GET Request for .arm file File
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9" Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3771 Expires: Thu, 23 Mar 2023 06:28:05 GMT Date: Thu, 23 Mar 2023 05:25:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: bea3185dd820a31c1981317f37c3456d Sha1: 1a548a5d27270fc11df9011837a7149571cedd78 Sha256: 469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "59553A312D3FB34F1F0AEA469F7E7CC810FF9993481DDBD73EA5D461CF97ED51" Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3760 Expires: Thu, 23 Mar 2023 06:27:54 GMT Date: Thu, 23 Mar 2023 05:25:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 210a2a42cfc4f4aced144f5de9babcc6 Sha1: ece6ecfb2db8d036c3bfc7f02f8ea387e3f965db Sha256: 59553a312d3fb34f1f0aea469f7e7cc810ff9993481ddbd73ea5d461cf97ed51
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EA7838393D83805A7B8A2B01BD09E4423617C4DA285B983A11E9BA36266810D5" Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16610 Expires: Thu, 23 Mar 2023 10:02:04 GMT Date: Thu, 23 Mar 2023 05:25:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: dc2752d83fbed82852248898a132467a Sha1: b27a6b4af2e07663a58cafb641513f7224c7a7c3 Sha256: ea7838393d83805a7b8a2b01bd09e4423617c4da285b983a11e9ba36266810d5
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 23 Mar 2023 05:15:05 GMT age: 609 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 4ad6984a756720fbfff47b37a75513a2 Sha1: 355e35258114452af8b9638985ed9d8ef3bf0aca Sha256: 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: J9/8jWEhq3Vtm1wGqU1oemci6kxSi80+I1Y6S3Gq3qkeVcEey79Wwl1UXB7qBM/thCmnRPA/VTM= x-amz-request-id: Z7V9KEAFVTSYJ0WJ x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 23 Mar 2023 04:53:55 GMT age: 1879 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: e7bace7c1e04d44012e37ddffe36e5d5 Sha1: 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 Sha256: 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /js/vendors-main.m.d184ed05.chunk.js HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://104.248.198.151/f/xs.arm6	104.248.198.151 HTTP/1.1 200 Content-Type: application/javascript Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:14 GMT Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=31536000 Accept-Ranges: bytes ETag: W/"19806-1605082808000" Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT Content-Encoding: gzip Vary: Accept-Encoding --- Additional Info --- Magic: ASCII text, with very long lines (19748) Size: 6042 Md5: 353aa07ab75f8003f39ab11bbd1b7c9e Sha1: af3badcf2125977484f816dcd70b40e6cebf528f Sha256: ecc6d6e389eb715ba973d112bf919537d4b4acc547e2a4cc900806a05b76cf81 Blocklists: - quad9: Sinkholed
GET /js/main.m.6f69b5a0.js HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://104.248.198.151/f/xs.arm6	104.248.198.151 HTTP/1.1 200 Content-Type: application/javascript Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:14 GMT Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=31536000 Accept-Ranges: bytes ETag: W/"28329-1605082808000" Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT Content-Encoding: gzip Vary: Accept-Encoding --- Additional Info --- Magic: ASCII text, with very long lines (28285) Size: 10888 Md5: 127d7be464cb45c11e3f1ac00129052f Sha1: 08368e4a3e49e5d3c19579984d78e18a4070d8b1 Sha256: 3f4fb9162f5c7a96f6718cf1141cfc500c825abdd81df546646168abe6056c3a Blocklists: - quad9: Sinkholed
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Thu, 23 Mar 2023 05:25:14 GMT content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /api/users/current HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://104.248.198.151/f/xs.arm6 Connection: keep-alive	104.248.198.151 HTTP/1.1 401 Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:14 GMT Content-Length: 0 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Blocklists: - quad9: Sinkholed
GET /js/17.m.7c19ad00.chunk.js HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://104.248.198.151/f/xs.arm6	104.248.198.151 HTTP/1.1 200 Content-Type: application/javascript Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:14 GMT Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=31536000 Accept-Ranges: bytes ETag: W/"47505-1605082808000" Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT Content-Encoding: gzip Vary: Accept-Encoding --- Additional Info --- Magic: data Size: 12574 Md5: 0a8752041abf0421db227b2ff66585c9 Sha1: 7fccfb611898287650d07a849c0e492f33ff0573 Sha256: 87d8f241343fe0bddf3613ea48578639ce77298943c4c6b8e64e157448143e07 Blocklists: - quad9: Sinkholed
GET /api/navigation/global HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://104.248.198.151/f/xs.arm6 Connection: keep-alive	104.248.198.151 HTTP/1.1 401 Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:14 GMT Content-Length: 0 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Blocklists: - quad9: Sinkholed
GET /api/l10n/index?locale=en-US HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://104.248.198.151/f/xs.arm6 Connection: keep-alive	104.248.198.151 HTTP/1.1 200 Content-Type: application/json Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:14 GMT Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: no-cache, no-store, must-revalidate Sonar-Version: 7.9.5.38598 Content-Encoding: gzip Vary: Accept-Encoding --- Additional Info --- Magic: data Size: 34321 Md5: 28ee5c6cddf4c681a5356eba0a168143 Sha1: f45ef7e962bede322e06a7357a350511502fbbaf Sha256: b7876eee2082e151aba1605d8cb2d35c47b40d9e94683d6a3a3424e0a0678f99 Blocklists: - quad9: Sinkholed
GET /js/314.m.fefd882d.chunk.js HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://104.248.198.151/f/xs.arm6	104.248.198.151 HTTP/1.1 200 Content-Type: application/javascript Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:14 GMT Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=31536000 Accept-Ranges: bytes ETag: W/"9829-1605082808000" Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT Content-Encoding: gzip Vary: Accept-Encoding --- Additional Info --- Magic: ASCII text, with very long lines (6502) Size: 3910 Md5: 2187f077750be754e621075e5154a581 Sha1: 31fc4f642d05bba7ab5338da7e4d51ee7fa057d9 Sha256: 2c7534d70b3751b276f409f43c15f1ce7f058788324ebcfd451742f0eb4875d1 Blocklists: - quad9: Sinkholed
GET /js/9.m.437592dd.chunk.js HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://104.248.198.151/f/xs.arm6	104.248.198.151 HTTP/1.1 200 Content-Type: application/javascript Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:14 GMT Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=31536000 Accept-Ranges: bytes ETag: W/"59416-1605082808000" Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT Content-Encoding: gzip Vary: Accept-Encoding --- Additional Info --- Magic: data Size: 13593 Md5: f2bad80026f308c7d767744b7501ce3e Sha1: 8877800f590684c4db2f879fb9bf40b47501b8de Sha256: f72718a97bb5a19220446f76b8f34e8bb49703b95fa5afdbe7c390b9097454d3 Blocklists: - quad9: Sinkholed
GET /api/l10n/index?locale=en-US HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.arm6 Connection: keep-alive	104.248.198.151 HTTP/1.1 200 Content-Type: application/json Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:14 GMT Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: no-cache, no-store, must-revalidate Sonar-Version: 7.9.5.38598 Content-Encoding: gzip Vary: Accept-Encoding --- Additional Info --- Magic: JSON data\012- , Unicode text, UTF-8 text, with very long lines (65532), with no line terminators Size: 50523 Md5: 10cc882196fccab20bad7f9be46dc34e Sha1: 5a6bea5d58ac24b3385705948ad77bb3455dbea1 Sha256: d1d0df6643eed17029b598c14fc3799cfbf22228cdfd30a5de0027e59e5990cf Blocklists: - quad9: Sinkholed
GET /js/9.m.437592dd.chunk.js HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.arm6	104.248.198.151 HTTP/1.1 200 Content-Type: application/javascript Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:14 GMT Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=31536000 Accept-Ranges: bytes ETag: W/"59416-1605082808000" Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT Content-Encoding: gzip Vary: Accept-Encoding --- Additional Info --- Magic: ASCII text, with very long lines (34594) Size: 17492 Md5: 21fb7b1a51bb02234d9a75f6e5af6387 Sha1: a211e40fbb790f4fa0de87400a3cad7d1006130e Sha256: 1d7874d0257bd116e1418c1941928e601c3637aecb50bc9a41bdb733cbbb1f0a Blocklists: - quad9: Sinkholed
GET /js/vendors-app.m.b88ebad0.chunk.js HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.arm6	104.248.198.151 HTTP/1.1 200 Content-Type: application/javascript Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:14 GMT Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=31536000 Accept-Ranges: bytes ETag: W/"165141-1605082808000" Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT Content-Encoding: gzip Vary: Accept-Encoding --- Additional Info --- Magic: ASCII text, with very long lines (64942) Size: 54040 Md5: 99aefef73eaad012bf380f6474008336 Sha1: c9002a1094783bbb25bee661f8a35f2caa711e3d Sha256: dabed327494fd3a55119b4fbc35599364f14aaccf1f40d09cd9a23205ca40673 Blocklists: - quad9: Sinkholed
GET /js/app.m.3ee455d5.chunk.js HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://104.248.198.151/f/xs.arm6	104.248.198.151 HTTP/1.1 200 Content-Type: application/javascript Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:14 GMT Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=31536000 Accept-Ranges: bytes ETag: W/"188922-1605082808000" Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT Content-Encoding: gzip Vary: Accept-Encoding --- Additional Info --- Magic: data Size: 60992 Md5: 7028bb2ad1de29fbe228156e35459775 Sha1: ab53ae234dd43c940ad511d33075f79452d78eaa Sha256: f97ee140793175f126e4e839b96105d03e30f58c5c834a83228870930aac5a6a Blocklists: - quad9: Sinkholed
GET /favicon.ico HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.arm6	104.248.198.151 HTTP/1.1 200 Content-Type: image/x-icon Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:15 GMT Content-Length: 5430 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Accept-Ranges: bytes ETag: W/"5430-1605082808000" Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT --- Additional Info --- Magic: MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data Size: 5430 Md5: b4e4785d5852c563b9ae47cbb7af06fe Sha1: b9a7a5180304bf8af55cce900012010239c1dd80 Sha256: 0cb0b90207b376931f9a8fa5d518f6b1ea2ecf6b0d67d634ae01a38ecb8ad8b5 Blocklists: - quad9: Sinkholed
GET /apple-touch-icon-180x180.png HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.arm6	104.248.198.151 HTTP/1.1 200 Content-Type: image/png Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:15 GMT Content-Length: 6087 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Accept-Ranges: bytes ETag: W/"6087-1605082808000" Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT --- Additional Info --- Magic: PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data Size: 6087 Md5: 47204bd1431a1a73ef2525bfa5509fdc Sha1: 8f98e730f717699b376ed5ceb6843eb77d2b0167 Sha256: 040bb39fa16f1bc88f01a26d1a471de74027b2d7a00035bf638b2dbf7755974d Blocklists: - quad9: Sinkholed
GET /js/369.m.d59054c6.chunk.js HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.arm6	104.248.198.151 HTTP/1.1 200 Content-Type: application/javascript Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:15 GMT Content-Length: 561 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=31536000 Accept-Ranges: bytes ETag: W/"561-1605082808000" Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT --- Additional Info --- Magic: ASCII text, with very long lines (512) Size: 561 Md5: 7fac243e44988db163177060e7411591 Sha1: 7108d1c2bdaa91383903e1e79d23e12a2df57857 Sha256: 93fc935ddce94381d7b08c22f956b69b367539c7f9ec5cf7ef4b8318c829116f Blocklists: - quad9: Sinkholed
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 23 Mar 2023 05:17:23 GMT age: 472 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /js/304.m.64d672ef.chunk.js HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.arm6	104.248.198.151 HTTP/1.1 200 Content-Type: application/javascript Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:15 GMT Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=31536000 Accept-Ranges: bytes ETag: W/"10204-1605082808000" Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT Content-Encoding: gzip Vary: Accept-Encoding --- Additional Info --- Magic: ASCII text, with very long lines (10155) Size: 3051 Md5: a1b1015267fe5b248707e3536fe83202 Sha1: 47b112b1b93807719f1ff1a7e2f1727ee4a3c534 Sha256: 3f721d6b76ebcd57589684aceca8d9996f3ee302a471d8755f293b64c02c8fc8 Blocklists: - quad9: Sinkholed
GET /js/0.m.5f1f98f2.chunk.js HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.arm6	104.248.198.151 HTTP/1.1 200 Content-Type: application/javascript Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:15 GMT Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=31536000 Accept-Ranges: bytes ETag: W/"18895-1605082808000" Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT Content-Encoding: gzip Vary: Accept-Encoding --- Additional Info --- Magic: ASCII text, with very long lines (17170) Size: 5960 Md5: 487a99c96e1d753bb9b22669b9b0cbff Sha1: f063ce08faaad0703234091e1567040ea4c166e9 Sha256: ec7d1a65c6bcc0658deebc73f945dc48e617a7effcb47f44afc44e7b421a8ebb Blocklists: - quad9: Sinkholed
GET /js/21.m.1264acfc.chunk.js HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.arm6	104.248.198.151 HTTP/1.1 200 Content-Type: application/javascript Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:15 GMT Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: max-age=31536000 Accept-Ranges: bytes ETag: W/"2253-1605082808000" Last-Modified: Wed, 11 Nov 2020 08:20:08 GMT Content-Encoding: gzip Vary: Accept-Encoding --- Additional Info --- Magic: ASCII text, with very long lines (2205) Size: 1122 Md5: b8a74baf9f0938feed452e83535cf9d5 Sha1: f067b3715c06d671ffddc15f86dadde1124c83d0 Sha256: e99b758f54c1b8b0d161b098dd1aac940a33c53ac559e2fce3f9a1e759bfa4a2 Blocklists: - quad9: Sinkholed
GET /api/users/identity_providers HTTP/1.1 Host: 104.248.198.151 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://104.248.198.151/sessions/new?return_to=%2Ff%2Fxs.arm6 Connection: keep-alive	104.248.198.151 HTTP/1.1 200 Content-Type: application/json Server: nginx/1.18.0 (Ubuntu) Date: Thu, 23 Mar 2023 05:25:15 GMT Content-Length: 24 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: no-cache, no-store, must-revalidate Sonar-Version: 7.9.5.38598 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 24 Md5: f6771007e68c1504df1f503964c8f6d5 Sha1: a021d30aa08ed4bbc01c28eb2414b6aae7b7df81 Sha256: 757bb747ba269253666a63bb8bf42b5711e8c5af8f7e03b17b1a1888e3e74e91 Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF" Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10288 Expires: Thu, 23 Mar 2023 08:16:43 GMT Date: Thu, 23 Mar 2023 05:25:15 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 050ca4dc2182e0a27573b0d9f32b7834 Sha1: bec14dc5af0d0b32210470673511acd8db404308 Sha256: b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: StXPNJ+BE02MjOipcXs5Dw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	54.191.108.210 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: jnkbxCdgk0F+4uvF6Gl9LSQrEMs= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11440 Expires: Thu, 23 Mar 2023 08:35:56 GMT Date: Thu, 23 Mar 2023 05:25:16 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0d3d7099bbc5fed74a6e78e1a3096bf Sha1: 96afaf8b3ac053577c56aca5f4a20d8655ecb771 Sha256: c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11440 Expires: Thu, 23 Mar 2023 08:35:56 GMT Date: Thu, 23 Mar 2023 05:25:16 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0d3d7099bbc5fed74a6e78e1a3096bf Sha1: 96afaf8b3ac053577c56aca5f4a20d8655ecb771 Sha256: c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11440 Expires: Thu, 23 Mar 2023 08:35:56 GMT Date: Thu, 23 Mar 2023 05:25:16 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0d3d7099bbc5fed74a6e78e1a3096bf Sha1: 96afaf8b3ac053577c56aca5f4a20d8655ecb771 Sha256: c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11440 Expires: Thu, 23 Mar 2023 08:35:56 GMT Date: Thu, 23 Mar 2023 05:25:16 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a0d3d7099bbc5fed74a6e78e1a3096bf Sha1: 96afaf8b3ac053577c56aca5f4a20d8655ecb771 Sha256: c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5556 x-amzn-requestid: dd5a8417-ddd5-469d-aa84-e880f4b84464 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CHqKFGRsoAMFTGQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6419570d-3f28a7502b56eda47dd82ba7;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 07:04:45 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: JImqyag05jmvEwsJSvKFVuisuS5KNKfr7xRuN0YPyneNXvVxKkFMzg== via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 5292c0d5844327feadb38f1efe42ebc6.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 05:35:55 GMT age: 85761 etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5556 Md5: c831201ad81f55c63c1b101ce854a810 Sha1: 0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5 Sha256: c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae396653-384e-48e4-9824-4bf9d53f211b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10959 x-amzn-requestid: a7e3f891-6f0e-48af-9a37-3cb8f9cae223 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: B9xD8G-pIAMFagQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64156218-3334d770691739b77f855b0b;Sampled=0 x-amzn-remapped-date: Sat, 18 Mar 2023 07:02:48 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: RmTQewe6KB0ictxZUj2umye1wlB6l5FkLEoXfGsR2adHPRU9KyXxWQ== via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 03:55:26 GMT age: 5390 etag: "55bd99cc5490b60e7a653ffa5f2a8c288ef66e87" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10959 Md5: 90be67fd11de3a169f4de942f6418f3f Sha1: 55bd99cc5490b60e7a653ffa5f2a8c288ef66e87 Sha256: b07e34257bbaa41c941650a839adad82d4999d92ee62402dbec969d9464c89b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91bd3d66-c15a-489f-a066-7fc0aaa2f508.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10034 x-amzn-requestid: 7975aeb0-15ce-45a7-a088-9bed5af69fc4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM8v9FAmoAMFjHQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b74cc-401b308c459c247e76ab5643;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:36:12 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: mQBKW2-nNlrm1gXBZG4V7rhteAvKjpeCmHIUQEabNmXV2HfMgijWaQ== via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 23:07:18 GMT age: 22678 etag: "b5ba66ebc4e07d83bb698736a81a2b7316a0e178" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10034 Md5: d6e44089e37d1db52bccdaa78bf9dc30 Sha1: b5ba66ebc4e07d83bb698736a81a2b7316a0e178 Sha256: 91e722a8374fafc556911cf9767eb67107de540d96b3eb0f0932e131d99f2893
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7424 x-amzn-requestid: 9a2bd57a-40d2-4bc0-b4ca-183e9a928bdc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM-3aGPzoAMFj6Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b782f-0dc56e4a7c4aaeb45b45c75b;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:50:39 GMT x-amz-cf-pop: SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: 8mTKClr9GKzzrm1TtEmMeBnOQfMLTO4dBuAO-fE4UEfV-SwrFbkjZQ== via: 1.1 ec27e2bbc77d9805bead471453d2094c.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 02:54:31 GMT age: 9045 etag: "709b01a360624eceafb1876f56378824aa4936b3" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7424 Md5: 05c7970e81559904d05b6e8cf693f085 Sha1: 709b01a360624eceafb1876f56378824aa4936b3 Sha256: a4fd80c9bdce27961560d7c31e216706e9e32d42d1edd883e283c149505b3db0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340c6dd8-fc2f-45fc-9318-44a28c249325.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9687 x-amzn-requestid: b7c8cd8c-6103-4aa4-9016-f02cf368908d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM8JGHyEoAMFzJw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b73d3-2fb1fd1b5be3289047f8aed4;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:32:03 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: pwTgv5KbsBUYyFFmAaQkVuceVkWmy6S5-JrC5QptjI6eZYMu23hopg== via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 21:47:44 GMT age: 27452 etag: "d81a4852f956999fa28a5f667ed73506843d0731" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9687 Md5: 6de676f6856031e5c1baebe9166a8269 Sha1: d81a4852f956999fa28a5f667ed73506843d0731 Sha256: 71f282ba594e454a2abf1c3700ade4d9461d6d48ac2726f746f3da5a63e29c38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcbdd70a4-b533-4e87-84d2-c2122ca1cdc5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5915 x-amzn-requestid: 1c6acb42-48cc-4113-a8d0-6a811cd16613 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: B9xXaGUVoAMFwIw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64156295-0edcaad90df031882fa7457c;Sampled=0 x-amzn-remapped-date: Sat, 18 Mar 2023 07:04:53 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: 6f6NSPPmIBAP_pxmZuHRz6WJJjnp3NIO26SNyKYhq2FikQkP5hOe7w== via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 21:58:52 GMT age: 26784 etag: "a98933e2845c02158175a54d9648f12086a96569" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5915 Md5: 31ad983ec21e3dee7b6083bc04742aee Sha1: a98933e2845c02158175a54d9648f12086a96569 Sha256: 8cb18730db03dd8727b2ff42ecfa7885b9e8dbe3c37c08b1ad0c67e629338b95

URL	104.248.198.151/f/xs.arm6
IP	104.248.198.151 (Netherlands)
ASN	#14061 DIGITALOCEAN-ASN
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access	public
Report completed	2023-03-23 05:25:25 UTC
Status	Loading report..
IDS alerts	1
Blocklist alert	21
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (7)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.248.198.151

Last 5 reports on ASN: DIGITALOCEAN-ASN

Last 5 reports on domain: 104.248.198.151

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (39)

Overview

Domain Summary (7)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.248.198.151

Last 5 reports on ASN: DIGITALOCEAN-ASN

Last 5 reports on domain: 104.248.198.151

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (39)

Network Intrusion Detection Systems