Overview

URLprintearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
IP 162.214.12.116 (United States)
ASN#46606 UNIFIEDLAYER-AS-1
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-10-04 01:54:37 UTC
StatusLoading report..
IDS alerts0
Blocklist alert9
urlquery alerts
8
Phishing - J.P.Morgan
Tags None

Domain Summary (9)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.77.32
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 09:28:24 UTC 34.117.237.239
printearte.com.br (19) 0 2015-09-10 12:44:08 UTC 2022-10-03 15:08:02 UTC 162.214.12.116 Unknown ranking
cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-10-03 09:28:27 UTC 104.17.25.14
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-03 20:32:42 UTC 93.184.220.29
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-03 14:02:45 UTC 34.120.237.76
firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-03 17:23:50 UTC 143.204.55.27
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 143.204.55.35
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 09:28:24 UTC 52.41.246.187

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 printearte.com.br/a2/js/jquery.player.js Phishing
2022-10-04 2 printearte.com.br/a2/js/jquery.validate.min.js Phishing
2022-10-04 2 printearte.com.br/a2/js/jquery.CardValidator.js Phishing
2022-10-04 2 printearte.com.br/a2/js/jquery.min.js Phishing
2022-10-04 2 printearte.com.br/a2/img/logo.svg Phishing
2022-10-04 2 printearte.com.br/a2/fonts/opensans-regular.ttf Phishing
2022-10-04 2 printearte.com.br/a2/fonts/dcefont.woff Phishing
2022-10-04 2 printearte.com.br/a2/img/background.desktop.2.jpeg Phishing
2022-10-04 2 printearte.com.br/a2/img/icon.ico Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 162.214.12.116
Date UQ / IDS / BL URL IP
2023-03-21 00:07:04 +0000 0 - 1 - 0 printearte.com.br/s3c/auth.php?NKgYObEUkvwhzx (...) 162.214.12.116
2023-03-20 18:24:47 +0000 0 - 1 - 0 printearte.com.br/d5n/auth.php?md=msndxfhcrgj (...) 162.214.12.116
2023-03-20 08:19:16 +0000 0 - 0 - 1 printearte.com.br/s3c/auth.php 162.214.12.116
2023-02-04 12:58:33 +0000 0 - 0 - 19 printearte.com.br/fx3/auth.php?md=tNdYoaBTImb (...) 162.214.12.116
2023-01-28 10:14:36 +0000 0 - 0 - 20 printearte.com.br/fx3/auth.php?md=tNdYoaBTImb (...) 162.214.12.116


Last 5 reports on ASN: UNIFIEDLAYER-AS-1
Date UQ / IDS / BL URL IP
2023-03-29 19:20:11 +0000 0 - 0 - 6 ad3.saunarelief.com/stiles.com/iris.molina@st (...) 69.49.244.31
2023-03-29 19:19:05 +0000 0 - 0 - 5 vacaciones.geret.cl/login.php 162.241.60.15
2023-03-29 19:12:35 +0000 0 - 0 - 6 jhk.saunarelief.com/civicap.com/hbernard@civi (...) 69.49.244.31
2023-03-29 19:10:31 +0000 0 - 3 - 12 paypal-support.com.desenvolvedortheosbank.com (...) 162.241.60.162
2023-03-29 19:08:08 +0000 0 - 0 - 6 eue.saunarelief.com/refijet.com/filmon.yohann (...) 69.49.244.31


Last 5 reports on domain: printearte.com.br
Date UQ / IDS / BL URL IP
2023-03-21 00:07:04 +0000 0 - 1 - 0 printearte.com.br/s3c/auth.php?NKgYObEUkvwhzx (...) 162.214.12.116
2023-03-20 18:24:47 +0000 0 - 1 - 0 printearte.com.br/d5n/auth.php?md=msndxfhcrgj (...) 162.214.12.116
2023-03-20 08:19:16 +0000 0 - 0 - 1 printearte.com.br/s3c/auth.php 162.214.12.116
2023-02-04 12:58:33 +0000 0 - 0 - 19 printearte.com.br/fx3/auth.php?md=tNdYoaBTImb (...) 162.214.12.116
2023-01-28 10:14:36 +0000 0 - 0 - 20 printearte.com.br/fx3/auth.php?md=tNdYoaBTImb (...) 162.214.12.116


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-03-08 06:29:29 +0000 37 - 0 - 9 dorainsurance.com/auth.php?md=rougtfxanjhlhns (...) 107.180.11.206
2022-10-03 17:55:22 +0000 7 - 0 - 8 printearte.com.br/a2/auth.php?md=XwTLGPMKBjNY (...) 162.214.12.116
2022-10-03 11:39:19 +0000 8 - 0 - 9 printearte.com.br/a2/auth.php?md=xjtRzbkOGfiw (...) 162.214.12.116
2022-10-02 17:53:54 +0000 8 - 0 - 9 printearte.com.br/a2/auth.php?md=vtgpficeksai (...) 162.214.12.116
2022-10-02 16:08:47 +0000 8 - 0 - 9 printearte.com.br/s3c/auth.php?md=ByWrCHKebMR (...) 162.214.12.116

JavaScript

Executed Scripts (7)

Executed Evals (0)

Executed Writes (1)
#1 JavaScript::Write (size: 4) - SHA256: b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0
2022


HTTP Transactions (38)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 01:33:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9e9r7CGpuIMS2yTgrx3kyheYFk69hKk88dDz4858iomBpWjlqa10uA==
Age: 1247


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EB128AEC099DBF1919EE5D965221E904AD3A2162583683CEC44518640B505447"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5405
Expires: Tue, 04 Oct 2022 03:24:31 GMT
Date: Tue, 04 Oct 2022 01:54:26 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: k331peBmhyGByHT0thjs5taunV4jbpGGp26L09nappmnMtVoKNzTGw==
age: 73559
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 01:54:26 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS= HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 01:54:26 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 26098
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (478), with CRLF line terminators
Size:   26098
Md5:    013c9dfa526382bc780fab84a98e045a
Sha1:   c3456de80baed0215f9f564851afc968cce3f9ac
Sha256: 0f7bba4d4da19d9131f621249aa7cbdd87b15960864c88fd106bbf0848b94195
                                        
                                            GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://printearte.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 01:54:27 GMT
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3563653
expires: Sun, 24 Sep 2023 01:54:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebzu7o0DQNKr5AyZSQaeI58lAmHavUP1KvDOKXXz71gQ5kBBhrj0AH1oPySfG37yvoxzGgJMsv%2F6rg4WVJ8VD38gJB3DWuZMV6q%2B7aIh0PK4lFAk%2BdgSw%2BK5h2nhN30AzHT%2Bpmp7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 754a4a27196cb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4517
Md5:    e40e054c5726f042bad463e3774a2777
Sha1:   5c9413b72837a440b327444104830c35ae3b052c
Sha256: fcc8a86d2e89e8fbe9815d50c23bf205191ab8a6c0bec67358cd975d94283ff8
                                        
                                            GET /a2/js/jquery.player.js HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 01:54:27 GMT
Server: Apache
Last-Modified: Fri, 24 Sep 2021 12:01:06 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Content-Length: 9898
Keep-Alive: timeout=5, max=99


--- Additional Info ---
Magic:  ASCII text, with very long lines (50474), with no line terminators
Size:   9898
Md5:    695bd64db63b7a4f57dd754ca4995ff9
Sha1:   d7261e2734398547598f0aec0928dcfba013bff2
Sha256: 567098561f01f59a54728573b1f8df8522b279be26954e5904145305bde2eada

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 01:29:34 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 02:09:33 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QKNOD0A9oV1a5DiOieRmlMwSPjjuxMwXUiiB6BdMZT9eab2i_KInwQ==
Age: 1494


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /a2/js/jquery.validate.min.js HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 01:54:27 GMT
Server: Apache
Last-Modified: Sat, 11 Aug 2018 09:12:40 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Content-Length: 8046
Keep-Alive: timeout=5, max=100


--- Additional Info ---
Magic:  ASCII text, with very long lines (833), with CRLF line terminators
Size:   8046
Md5:    0d22a2c375340d6f68c7832f5bda6a01
Sha1:   16dfdcf36be9b17505177bf189baa072391da753
Sha256: 045beaf8c0f59e447b3bc0e6aa42da1c9cc563bf68eedcdd17f378afd0a084fe

Alerts:
  urlquery:
    - Phishing - J.P.Morgan
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /a2/js/jquery.CardValidator.js HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 01:54:27 GMT
Server: Apache
Last-Modified: Mon, 28 Aug 2017 18:03:08 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Content-Length: 2083
Keep-Alive: timeout=5, max=100


--- Additional Info ---
Magic:  ASCII text
Size:   2083
Md5:    5e3812c918f22e125f3ea8c08bceaf76
Sha1:   d5e6624b80474ea77e1adb60db6b0ded24205627
Sha256: 31d0740c9a71776c253640a6915be5b120d3e90b6765d1d46f94c72a908b185e

Alerts:
  urlquery:
    - Phishing - J.P.Morgan
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /a2/css/lostyle.css HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 01:54:27 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 17:00:34 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Content-Length: 15956
Keep-Alive: timeout=5, max=100


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   15956
Md5:    8caeecf9afc9290ddb1fddd0dc6631d1
Sha1:   9e2b379226bfc47b963fe33dd4ecb71da056eedd
Sha256: 7d27898c3d4e3e2f6bfce2d14c1bface75802ae741d44364c41e0be93698a17d

Alerts:
  urlquery:
    - Phishing - J.P.Morgan
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5536
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 01:54:27 GMT
Last-Modified: Tue, 04 Oct 2022 00:22:12 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /a2/css/style.css HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 01:54:27 GMT
Server: Apache
Last-Modified: Fri, 03 Apr 2020 17:40:52 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   68491
Md5:    4bb7500c8e365a32a7430a3eb3c16f67
Sha1:   286b2e8c9959b219109e21f52c6ef54975e7a172
Sha256: a6745a01df880c2b8abc2b129a84ce094865e8bc132399f40791f07c13ecfaf4

Alerts:
  urlquery:
    - Phishing - J.P.Morgan
                                        
                                            GET /a2/js/jquery.min.js HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 01:54:27 GMT
Server: Apache
Last-Modified: Fri, 17 Apr 2020 04:17:40 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Content-Length: 40021
Keep-Alive: timeout=5, max=100


--- Additional Info ---
Magic:  ASCII text, with very long lines (568)
Size:   40021
Md5:    514a4c838e493228ce16d0b1b5914751
Sha1:   78b1e5eaef6056170d8995820ae5277fe5c9a7a5
Sha256: 4f0974852ba99efb4adb48759d70ea2dc69e7a9f9a824f9947d1a136c8145565

Alerts:
  urlquery:
    - Phishing - J.P.Morgan
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /a2/img/alert.gif HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 04 Oct 2022 01:54:27 GMT
Server: Apache
Last-Modified: Mon, 06 Apr 2020 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 6926
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=99


--- Additional Info ---
Magic:  GIF image data, version 89a, 240 x 240\012- data
Size:   6926
Md5:    6b3fe3fcfdc8a4f64ce935194f5591ab
Sha1:   64d7c83fa447c9b84997b034d8434155ae53163e
Sha256: 86a86f9ba8a23418cb079bbf61fe64974770fb416a27384ef80045976487894e
                                        
                                            GET /a2/img/aioe_icon_3_devices_lg.png HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 01:54:27 GMT
Server: Apache
Last-Modified: Mon, 20 Sep 2021 14:54:26 GMT
Accept-Ranges: bytes
Content-Length: 3677
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=99


--- Additional Info ---
Magic:  PNG image data, 112 x 112, 8-bit/color RGBA, non-interlaced\012- data
Size:   3677
Md5:    33ac311a458863ee4fc16b6fae4a40b5
Sha1:   9b65fd7af34bdaaddcde363383114f706b335ad8
Sha256: e457f20d64d186c61a8467fe70d4eec890ed7fb85d5de2a9fc31834567131a1f
                                        
                                            GET /a2/img/aioe_icon_2_card_lg.png HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 01:54:27 GMT
Server: Apache
Last-Modified: Mon, 20 Sep 2021 14:53:10 GMT
Accept-Ranges: bytes
Content-Length: 3262
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=99


--- Additional Info ---
Magic:  PNG image data, 112 x 112, 8-bit/color RGBA, non-interlaced\012- data
Size:   3262
Md5:    b8ce783abcee5ceb012b84d6f275b908
Sha1:   ef64977d3f752bdefd0df2360600908ef8575324
Sha256: ec7a2e669f551ad0588a2ce4b1ee04fd5ae9ee16042fc97d022c6b287b9a6494
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m2a2LL4FuLQ7TssQpoDRmw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.41.246.187
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 83PwMj6ovQWjZSDVr5p/qf2apc8=

                                        
                                            GET /a2/img/loading.gif HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 04 Oct 2022 01:54:27 GMT
Server: Apache
Last-Modified: Sat, 11 Aug 2018 08:03:50 GMT
Accept-Ranges: bytes
Content-Length: 38636
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=99


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   38636
Md5:    d10ef01e81faa2c2d812bdf670b4e072
Sha1:   77d09a57b2091fd7665dff763a5eab23e0ff907e
Sha256: 5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34
                                        
                                            GET /a2/img/congra.png HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 01:54:27 GMT
Server: Apache
Last-Modified: Mon, 02 Dec 2019 14:22:14 GMT
Accept-Ranges: bytes
Content-Length: 22060
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=98


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   22060
Md5:    1cb46cbb550a7047d40ff30244ca144b
Sha1:   8c41692d4a18624338f9ec32f569b028aa20f827
Sha256: 065a5ede3e090578c581c77883c6acfa9dc9393efc2f19775cfb410263fa8e1c
                                        
                                            GET /a2/img/emdef213.png HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 01:54:27 GMT
Server: Apache
Last-Modified: Sat, 04 Apr 2020 20:34:26 GMT
Accept-Ranges: bytes
Content-Length: 26120
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=99


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   26120
Md5:    f97e9297a90a73c16b5734c0910785ce
Sha1:   d9df719d58da061ccf75349314e562f8b22b76d3
Sha256: 9f926e83679171e34c289ff3aa5b7f067e75cfa564345f53941ca824c42d5f77
                                        
                                            GET /a2/img/logo.svg HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/css/lostyle.css
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 04 Oct 2022 01:54:27 GMT
Server: Apache
Last-Modified: Fri, 03 Apr 2020 16:54:14 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Content-Length: 645
Keep-Alive: timeout=5, max=98


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   645
Md5:    d9f9bf9d31b5f774a174920f02af0cbd
Sha1:   32207860ceec665b5e3e43cb93964942d8c95494
Sha256: 152fa82655f284db8ec59d3a30631f9ebdb0e2ef44e94801d0a569881f39f956

Alerts:
  urlquery:
    - Phishing - J.P.Morgan
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /a2/img/aioe_icon_1_pid_lg.png HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 01:54:28 GMT
Server: Apache
Last-Modified: Mon, 20 Sep 2021 14:51:00 GMT
Accept-Ranges: bytes
Content-Length: 4004
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=97


--- Additional Info ---
Magic:  PNG image data, 112 x 112, 8-bit/color RGBA, non-interlaced\012- data
Size:   4004
Md5:    210d4f89d07fe1f8fd4d9a319e63933f
Sha1:   8b9f60d4c9368881d3cfb41fb7426675e03619db
Sha256: 8e2e5ed99b3cf11d88f281c0ad9ac0aaa30c311515536c8a9c90be58ca56ec39
                                        
                                            GET /a2/fonts/opensans-regular.ttf HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: x-font/ttf
                                        
Date: Tue, 04 Oct 2022 01:54:27 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 08:35:48 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: max-age=A10368000, public
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Content-Length: 24702
Keep-Alive: timeout=5, max=98


--- Additional Info ---
Magic:  TrueType Font data, 19 tables, 1st "FFTM", 18 names, Microsoft, language 0x409, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegularAscender - Open Sans\012- data
Size:   24702
Md5:    813f15507201fff80e70d44b3625ed33
Sha1:   e064bf094b063661d54592ec1ce7922848d9081c
Sha256: 75fc65ef4942d7905326db1102af7dc166908c1abe070537c5589f629bfadb16

Alerts:
  urlquery:
    - Phishing - J.P.Morgan
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /a2/fonts/dcefont.woff HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://printearte.com.br/a2/css/style.css
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: x-font/woff
                                        
Date: Tue, 04 Oct 2022 01:54:27 GMT
Server: Apache
Last-Modified: Fri, 03 Apr 2020 17:34:38 GMT
Accept-Ranges: bytes
Content-Length: 70296
Cache-Control: max-age=0
Expires: max-age=A10368000, public
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=98


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 70296, version 0.0\012- data
Size:   70296
Md5:    2ec43bffa4424b28d0cc96b37cca33a4
Sha1:   1cde2661fb95ece87155c7931d5da6911331ef43
Sha256: 6ea71f4189e78297e3d1834c586a10dd39826ed8361cb1268b847cef45e03cb1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /a2/img/background.desktop.2.jpeg HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 04 Oct 2022 01:54:28 GMT
Server: Apache
Last-Modified: Wed, 22 Sep 2021 11:42:56 GMT
Accept-Ranges: bytes
Content-Length: 309361
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=98


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size:   309361
Md5:    30e3297a08e622ea58b5c7c48d7aea00
Sha1:   b149de4675e760c75290caa2bf1b10555f713755
Sha256: 3f9514fc14e825f42d56aabfbb89cae31ad9208436dd5455a2bfc3826a8f86f4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /a2/img/icon.ico HTTP/1.1 
Host: printearte.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printearte.com.br/a2/auth.php?md=XwTLGPMKBjNYeCsnpQgS&XwTLGPMKBjNYeCsnpQgS=
Cookie: PHPSESSID=e92a9a856f50a401400052df57fc5226

search
                                         162.214.12.116
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Tue, 04 Oct 2022 01:54:28 GMT
Server: Apache
Last-Modified: Fri, 17 Apr 2020 05:43:34 GMT
Accept-Ranges: bytes
Content-Length: 32038
Cache-Control: max-age=0
Expires: max-age=A10368000, public
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=98


--- Additional Info ---
Magic:  MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   32038
Md5:    5744986eb3dc6f2da92157a651889902
Sha1:   5a558b58498fab2aeb742acdab51e0c2fbc78385
Sha256: 625816f80596303e9de8e68695973369faa462b416202825b03899c781464fb9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4166
Expires: Tue, 04 Oct 2022 03:03:54 GMT
Date: Tue, 04 Oct 2022 01:54:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4166
Expires: Tue, 04 Oct 2022 03:03:54 GMT
Date: Tue, 04 Oct 2022 01:54:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4166
Expires: Tue, 04 Oct 2022 03:03:54 GMT
Date: Tue, 04 Oct 2022 01:54:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4166
Expires: Tue, 04 Oct 2022 03:03:54 GMT
Date: Tue, 04 Oct 2022 01:54:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4166
Expires: Tue, 04 Oct 2022 03:03:54 GMT
Date: Tue, 04 Oct 2022 01:54:28 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TVz3oiy-Z2r9lGFDgsnGNxotvvAPeOaa7LMzqs432QjZpZo-PNt1-g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 76297
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481896f6-cdf2-442f-aea2-dfa2c7c45f77.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8738
x-amzn-requestid: ede4db78-f2ab-4226-a855-dc7373978dfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTFrBoAMFR3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-2776543e774f0016329ddade;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nKHkVE65lTlwb2EAe8mhhOmwqoTXGDOcWQu-RS1K2fMRV2_l7HT1IA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 15008
etag: "d830b94bea3b5698e5192a7ea05f90b25b2f9cc9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8738
Md5:    d5745f8e3528f481ae2acf05b4abd3d0
Sha1:   d830b94bea3b5698e5192a7ea05f90b25b2f9cc9
Sha256: 313e11915f0869a608c830637b9dfd236ff28a8fb3354c3cc8748816b0ee18b0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 15008
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92e2742a-a49a-4d87-a767-7dbb56cff473.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6107
x-amzn-requestid: 6516bfcd-d6a5-4f46-81fa-ef6033e21aa7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqO7GXOoAMF8hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b572c-27fb158e152659380e27c292;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:42:04 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SVkRglRw_TkmAMN-8BydwiWrLcFxpaR9hPsG7OjvGN5KtxteTiVYlw==
via: 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:30 GMT
age: 14998
etag: "291232594a2f3170afed3b4814e3a11233d0f05e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6107
Md5:    1f0977129995c466e4710e0ae4304d3e
Sha1:   291232594a2f3170afed3b4814e3a11233d0f05e
Sha256: 80927a148dff4908b799b9f6d167769e68346491092520f5e3638b0f8b5d55a3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3966c4-a932-4eb5-a3bf-ca25cde92ccb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5317
x-amzn-requestid: 84ffe752-ae82-4fb6-9b29-9b69a3a3dcdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGEjIAMF8Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-3717ba3f22da06bc791b20b6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uS3VqXlUimv6Ef0jk6sxGp4xrg7LxbU9w34IE5KF4boZwkkhv6qfAQ==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 15008
etag: "4d208807e10e73309811101ef2d26ff33b642585"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5317
Md5:    a0927f94dd9e0cc7272f77972048658c
Sha1:   4d208807e10e73309811101ef2d26ff33b642585
Sha256: 3f184d9ba1588d451dfe5e4dfd84456ce533cbccaf1390ad423e1c6d38c8a35b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8287b853-235b-49f5-9b5c-780827ac695b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9855
x-amzn-requestid: 15f15a2e-0028-40ac-be8f-8e20c37fd27e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGX7oAMFgDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-5fe693f30c91e4c82c8accb1;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ngoNHOX6fFTGa1Y_-yFOFUYYYqiLJCQOq3NISbmc3gX21YO0TLxx0w==
via: 1.1 b637bd7696854d7acbf96132dcf53200.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 23:32:19 GMT
etag: "a36475a0ec7d7b92593cadd4aa99ca38550f1cd1"
age: 8529
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9855
Md5:    7b7345414898d451d930431b46d4bd00
Sha1:   a36475a0ec7d7b92593cadd4aa99ca38550f1cd1
Sha256: 79b541c69c78df0e4a4c26438431fd6b52754b589d80e929a4203063712a540c