r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18853
Expires: Fri, 30 Sep 2022 17:49:10 GMT
Date: Fri, 30 Sep 2022 12:34:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 30 Sep 2022 11:50:46 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ecofvDyXT9JXGKnSyfqCQ17FNiPIZkUwf19nJkVfSiivMGV-5fN9TQ==
Age: 2651
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4a22d2eb50abe339ba0b974642de3650
af15bc424a715a3b8d77e4948a9e152a3ba87ede
dff04734315b51fc11069e2d21b5be37b03d28ad01986e1ae2c96afc6ba31859
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFF04734315B51FC11069E2D21B5BE37B03D28AD01986E1AE2C96AFC6BA31859"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9351
Expires: Fri, 30 Sep 2022 15:10:48 GMT
Date: Fri, 30 Sep 2022 12:34:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: K/lpHdUmjdHq0jbbhjls57etD/L3R6ENvhERoUAzjdjxAyjjnbE2zkvG/UiyOqYN952i3VXLz5U=
x-amz-request-id: Y91RHD7512X8XDS4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 30 Sep 2022 11:48:35 GMT
age: 2782
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 12:34:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
numenarts.com/css/colors/tails/in/clients/login.php??verification
200 OK 2.0 kB URL HTTP/1.1 numenarts.com/css/colors/tails/in/clients/login.php??verification
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 131ea3dd6d53bc0518e2539e1b6daec3
217bc3f2db12cf415e3d972f089d1026d987134f
f1bdcc8cd705ffb73737676c5ba8906858321232bb10260311dbeb12a2730fe4
Analyzer Verdict Alert fortinet Phishing
GET /css/colors/tails/in/clients/login.php??verification HTTP/1.1
Host: numenarts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 12:34:57 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 2013
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: MISS
Set-Cookie: PHPSESSID=297bc3b326d67fc7675b6f4896dc7d88; path=/
cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js
200 OK 2.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (8392)
Hash 5fa1a60087fef53b1c0c4f4d6014f684
361a5d6829ec17ebf82571f3b20bd472ab4b0141
43c8409c5dc3b3b21b12068ca0089744c14770ba7f316dfb704b4104cb951bef
GET /ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://numenarts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Sep 2022 12:34:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 2420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-210b"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3253207
expires: Wed, 20 Sep 2023 12:34:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61E8FcKfQPB8DW0UUJnWC%2FTeivmWKm2d9hp233fOAtkWBi8WQZTS42cuDQ5oukwh8I%2B4lbHQTjgsojJA%2FG95sN1Gm2bSVmcHniDhCJGl0uh5wZvSllixeYeZ2x1t6Z6pezFbCDQX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 752cfee78d781c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/all.min.js
200 OK 362 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/all.min.js
IP
File type ASCII text, with very long lines (65350)
Size 362 kB (362308 bytes)
Hash 62bb7903fab88f2eb3e614bd662f4c72
7e404419744e5b1a842e50a344c6ac6f24753118
2fcdd5f98d838b1440e4101dc63a2a77881e9474fa52577f54f9407b61e418b6
GET /ajax/libs/font-awesome/5.15.1/js/all.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://numenarts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Sep 2022 12:34:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 362308
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f7b5b5f-123bd0"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10425447
expires: Wed, 20 Sep 2023 12:34:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZpZlb2INIxhPZTTzyQMWC87%2FBSZvLDEOLO77dz24hjU6Q0bBPbb9UA75GAdZMEuGhqVeFarAfuE4581RyoXUH5rSInHkI2TkxsmUdBYBo7hI27esCyq6LWCQxtOHk2jDIBGmP15"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 752cfee77d6c1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
200 OK 22 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
IP
File type ASCII text, with very long lines (65299)
Hash 151629f36761d6fb6d0e0330239884a6
ebb9c30e5565793e2767735f0647bdf26fed4ab5
53c395dd774b12c572c9f1b453f7903c08de32f6958d974bc5db38634a6509d6
GET /npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://numenarts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 30 Sep 2022 12:34:57 GMT
age: 14202762
x-served-by: cache-fra19179-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21785
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
200 OK 24 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
IP
File type ASCII text, with very long lines (65326)
Hash 77348602be5574ea01c6e042f63a9b12
1a0d5e8fdf352f8e58351f85152be5d141547e11
57e4cabfd2685370ba747eb1216a753a389200451202efd886758debf0d33a2a
GET /npm/bootstrap@4.5.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://numenarts.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 30 Sep 2022 12:34:57 GMT
age: 16606250
x-served-by: cache-fra19178-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23906
X-Firefox-Spdy: h2
numenarts.com/css/colors/tails/in/assets/css/style.css
200 OK 2.1 kB URL HTTP/1.1 numenarts.com/css/colors/tails/in/assets/css/style.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6757), with CRLF line terminators
Hash 467fa0d018c511e68c2a039dd05bffb8
c8a6cdccb67df6435552aac772bd0d13177a16f0
633080b57f71000cd8c9bf33ce9363e065972da38f1a6adbeff233589fec5dd8
GET /css/colors/tails/in/assets/css/style.css HTTP/1.1
Host: numenarts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://numenarts.com/css/colors/tails/in/clients/login.php??verification
Cookie: PHPSESSID=297bc3b326d67fc7675b6f4896dc7d88
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 12:34:57 GMT
Server: Apache
Last-Modified: Thu, 22 Sep 2022 22:12:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2060
Content-Type: text/css
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash cffee37b7e13cd84ebc7c63df98fb641
32c8cc1144171842405511e918ff1e94690336e9
6a2e00e05c002188497e2955cdd07cc1200b322b55584edfb27499b33e2a7568
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 12:34:57 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "642363B1B5D1E645A98DC89BC672ABEC010E73BE"
Expires: Fri, 30 Sep 2022 23:00:00 GMT
Last-Modified: Fri, 30 Sep 2022 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2824
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 752cfee85aabb51b-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 86e0fe14ac54b7b9131a460fd65d73fd
49ec80657f4183e2ad7e906583b94cbf48a94809
9f30a1437666225f096d72763cf89a4e5ae9e5f501ffed4becc51b08c515cf6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 12:34:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
numenarts.com/css/colors/tails/in/assets/js/script.js
200 OK 228 B URL HTTP/1.1 numenarts.com/css/colors/tails/in/assets/js/script.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash e00f4b40e2421c813f955d5c86c499bd
049dc8d5a8c16f85877e20958f87bd99144259a0
081ec46f8dd55f7f228ed35922386184e7c87e6b6bde3508d36f5f22aef019f0
Analyzer Verdict Alert fortinet Phishing
GET /css/colors/tails/in/assets/js/script.js HTTP/1.1
Host: numenarts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://numenarts.com/css/colors/tails/in/clients/login.php??verification
Cookie: PHPSESSID=297bc3b326d67fc7675b6f4896dc7d88
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 12:34:58 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Thu, 22 Sep 2022 22:12:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 228
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 86e0fe14ac54b7b9131a460fd65d73fd
49ec80657f4183e2ad7e906583b94cbf48a94809
9f30a1437666225f096d72763cf89a4e5ae9e5f501ffed4becc51b08c515cf6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 12:34:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
numenarts.com/css/colors/tails/in/assets/imgs/social.png
200 OK 2.4 kB URL HTTP/1.1 numenarts.com/css/colors/tails/in/assets/imgs/social.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 144 x 25, 8-bit/color RGB, non-interlaced\012- data
Hash b8fbb62e80f1bd7e98b3f2791827f273
d5edbda3ff000614c387376643dfaf926c1ea94a
0baf2c3bb2a144edcae08d5118b4a36a8942b9848a3efee89dc4b263dac99f67
GET /css/colors/tails/in/assets/imgs/social.png HTTP/1.1
Host: numenarts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://numenarts.com/css/colors/tails/in/clients/login.php??verification
Cookie: PHPSESSID=297bc3b326d67fc7675b6f4896dc7d88
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 12:34:58 GMT
Server: Apache
Last-Modified: Thu, 22 Sep 2022 22:12:24 GMT
Accept-Ranges: bytes
Content-Length: 2374
Content-Type: image/png
numenarts.com/css/colors/tails/in/assets/imgs/qrcode.svg
200 OK 2.0 kB URL HTTP/1.1 numenarts.com/css/colors/tails/in/assets/imgs/qrcode.svg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1333)
Hash a4288f3f0ce7f5c60c76a005c363b0a2
040c96d03849b32161c2f5a75570e300e101015b
9d0ce0dd87e2d9bc4171914be7b288f8388ce7c26dc58e0a465a82760e899914
Analyzer Verdict Alert fortinet Phishing
GET /css/colors/tails/in/assets/imgs/qrcode.svg HTTP/1.1
Host: numenarts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://numenarts.com/css/colors/tails/in/clients/login.php??verification
Cookie: PHPSESSID=297bc3b326d67fc7675b6f4896dc7d88
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 12:34:58 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Thu, 22 Sep 2022 22:12:24 GMT
Accept-Ranges: bytes
Content-Length: 2015
Content-Type: image/svg+xml
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 30 Sep 2022 12:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 30 Sep 2022 12:48:26 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pdxxIuB7nFiJxmAfK89ES8k3LDdp2uap3VV3XmxqDFJnmhUtXP0J4g==
Age: 325
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8045f030f1424d43155236ac74193734
9f5d53209a1b442a342d7d59986e4817024e2fcd
211c2261b71490e21be41166efa63b59b01ed4188f80c7e095b748abf1f0ae68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 12:34:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8045f030f1424d43155236ac74193734
9f5d53209a1b442a342d7d59986e4817024e2fcd
211c2261b71490e21be41166efa63b59b01ed4188f80c7e095b748abf1f0ae68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 12:34:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8045f030f1424d43155236ac74193734
9f5d53209a1b442a342d7d59986e4817024e2fcd
211c2261b71490e21be41166efa63b59b01ed4188f80c7e095b748abf1f0ae68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 12:34:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/jquery-3.5.1.min.js
200 OK 471 B URL HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP
Hash 8045f030f1424d43155236ac74193734
9f5d53209a1b442a342d7d59986e4817024e2fcd
211c2261b71490e21be41166efa63b59b01ed4188f80c7e095b748abf1f0ae68
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://numenarts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Sep 2022 12:34:57 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664541297.dop202.sk1.t,1664541297.cds225.sk1.hn,1664541297.cds208.sk1.c
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
200 OK 8.4 kB URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
IP
Hash 3e161df9e7b1ddf8ede251fb458b621a
c5e0075e76c6593ff5856201e4fd7dbc680dfc7b
ff11ca13576df041db82d7befc1bb76d7b0152ac2ef92e3e5a6cb1b01f89d8e6
GET /css2?family=Poppins:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://numenarts.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 30 Sep 2022 12:34:58 GMT
date: Fri, 30 Sep 2022 12:34:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Hash 8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://numenarts.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:31:03 GMT
expires: Thu, 28 Sep 2023 19:31:03 GMT
cache-control: public, max-age=31536000
age: 147835
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://numenarts.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:30:59 GMT
expires: Thu, 28 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 147839
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://numenarts.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:30:59 GMT
expires: Thu, 28 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 147839
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
numenarts.com/css/colors/tails/in/assets/imgs/logo.svg
200 OK 16 kB URL HTTP/1.1 numenarts.com/css/colors/tails/in/assets/imgs/logo.svg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3fadbc12d733ab01b8a1ef432d57201e
e3b63b70496e1132993e3195b98cce517eb6be7a
9a214e9df938fbc09d96e47ae4dbe031d7a581647a87c38ec371bc2a2d4dc7cf
Analyzer Verdict Alert fortinet Phishing
GET /css/colors/tails/in/assets/imgs/logo.svg HTTP/1.1
Host: numenarts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://numenarts.com/css/colors/tails/in/clients/login.php??verification
Cookie: PHPSESSID=297bc3b326d67fc7675b6f4896dc7d88
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 12:34:58 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Thu, 22 Sep 2022 22:12:24 GMT
Accept-Ranges: bytes
Content-Length: 16157
Content-Type: image/svg+xml
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8045f030f1424d43155236ac74193734
9f5d53209a1b442a342d7d59986e4817024e2fcd
211c2261b71490e21be41166efa63b59b01ed4188f80c7e095b748abf1f0ae68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 12:34:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash d1be374a29f94481ff2c021e35f4eaa0
e05e92d94b5e434e9935e560fd8dc33bdc393aea
37a5132d2183f5c3bfaac5c89df691fea72cac4423110df88bdeb231f430deee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2784
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 12:34:58 GMT
Last-Modified: Fri, 30 Sep 2022 11:48:34 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
numenarts.com/css/colors/tails/in/assets/imgs/img.png
200 OK 45 kB URL HTTP/1.1 numenarts.com/css/colors/tails/in/assets/imgs/img.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 400 x 328, 8-bit/color RGBA, non-interlaced\012- data
Hash 916fde8a4ca8095fc339d6829d7d6723
361d7a7c72709eb08ac9b8fc97b99f54cd3d5378
fb6ebe23316c03fd8d25e871bfdd9c41eb77e14115f5a01e3e0d97b94617779e
GET /css/colors/tails/in/assets/imgs/img.png HTTP/1.1
Host: numenarts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://numenarts.com/css/colors/tails/in/clients/login.php??verification
Cookie: PHPSESSID=297bc3b326d67fc7675b6f4896dc7d88
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 12:34:58 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Thu, 22 Sep 2022 22:12:24 GMT
Accept-Ranges: bytes
Content-Length: 44838
Content-Type: image/png
numenarts.com/css/colors/tails/in/assets/imgs/favicon.png
200 OK 1.1 kB URL HTTP/1.1 numenarts.com/css/colors/tails/in/assets/imgs/favicon.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 05109391d24525095c9b245552976b7a
40ca7d352f2c54f260f4b760fa2282c7bbbecc1b
ebb259e44e1b2057460cacd114f0100801521edc05ccae03d0fa5f10f00fbdce
GET /css/colors/tails/in/assets/imgs/favicon.png HTTP/1.1
Host: numenarts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://numenarts.com/css/colors/tails/in/clients/login.php??verification
Cookie: PHPSESSID=297bc3b326d67fc7675b6f4896dc7d88
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 12:34:58 GMT
Server: Apache
Last-Modified: Thu, 22 Sep 2022 22:12:24 GMT
Accept-Ranges: bytes
Content-Length: 1103
Content-Type: image/png
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QpRaHe191VcSJs8M0tSCjA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FheORzMxQl4ajSTkxpYPrmgtSig=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15155
Expires: Fri, 30 Sep 2022 16:47:34 GMT
Date: Fri, 30 Sep 2022 12:34:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15155
Expires: Fri, 30 Sep 2022 16:47:34 GMT
Date: Fri, 30 Sep 2022 12:34:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15155
Expires: Fri, 30 Sep 2022 16:47:34 GMT
Date: Fri, 30 Sep 2022 12:34:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15155
Expires: Fri, 30 Sep 2022 16:47:34 GMT
Date: Fri, 30 Sep 2022 12:34:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 139a144f8cb04ac8aae65f4bad1473e7
265840b2d2fc6eb764cc6409b05deee8d77a19c2
6e0f01b6bdd5a92e92c7b29a6172a2900c68900afd2abba948940621252e0fd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10380
x-amzn-requestid: 35ee2a77-159c-4bb4-a825-98c638398586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdZYHsTIAMFQNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f6f-4f68073432bcea371c7b8f03;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IENB0e-e13ywHJKPgyLWn1bGPMMxFLUu3cIUcREjGhxDEMROEL1jBg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:24:00 GMT
age: 51059
etag: "265840b2d2fc6eb764cc6409b05deee8d77a19c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9f94853ffae41ec3c0e002bc152da1c4
7057c6707c7299ac386c6b2164240eff241db294
818f3ff90d7b7923b4af4e423dbb01388795490ac2097e1d58d70608b95618f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6795
x-amzn-requestid: 20067932-e2e5-410a-8c7a-a5f623f33454
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDCs6FbooAMFyHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633117ec-65749cd04e48e49a46b4c215;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 03:09:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FtNPTuAVR9eG-GSa5-hDmE0ORX7tXZ7EUJ8_qdgM148QBZYWxGMifA==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 05:28:35 GMT
age: 25584
etag: "7057c6707c7299ac386c6b2164240eff241db294"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg
200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13a12db696bc2bf6a6ea2f48f4c1428e
3481dce8ab711111fc8863d88bee1a887cfd43ac
6dae6c9e5de4146e1f528a36a1795225c9731385f13927fc001fb3f9842fe8f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5106
x-amzn-requestid: a906507c-8820-489c-9978-7d0fd026c862
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPd5PE0MIAMF3DA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6336103a-49eb3879088f17bc01d177c7;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: aeTAqh8D5whTHS3seyOUj7QCNaITUh2ekHG8vNWZlpSeAnqPuFzmcQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:46:34 GMT
age: 53305
etag: "3481dce8ab711111fc8863d88bee1a887cfd43ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 9f410158-cd1a-45a9-9e86-4005b25577e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4Hw7oAMFpAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-70683c681f22a3b6103fcb4a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l9IinQYCcQV_iymSArIEnOWgbmLlmVqz94402zcsmga5Bp3Sty7QRg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 11:52:34 GMT
age: 2545
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1389b1d624b44706c7a6f6b7eb769241
78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d
c3c2526b98be06fc7e793e1150bacde2a7bd718e29a851a6e6992e8d84333790
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16011
x-amzn-requestid: d58dfdcd-383a-45ac-8ae2-2b97f016b6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdbjFy1IAMF84A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f7c-1ca9707a5e5087fd769d9ab6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f7RrSV82yxUNWPUohKYX-_PBShMw7Qk82bepr3WAGkzHTjLR-gIXBA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:53:34 GMT
age: 49285
etag: "78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b542c54-7443-4efd-b43a-b50beff0bc4c.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b542c54-7443-4efd-b43a-b50beff0bc4c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa63437d6ec946f7f95de280e604859c
ab137ea318dc0c4e585c4b3a1ea053489afa5c69
9f235e8addc73bc7dfa48b5c0e99eea32106a5a13dcab877607cd733b4456267
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b542c54-7443-4efd-b43a-b50beff0bc4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10818
x-amzn-requestid: b2627f26-5120-4de7-80bc-6ba93126921a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPd5REORoAMFXYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6336103b-04db09ff0b48c0cd45f90bae;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:38:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ez9HpXo_UXvZkGEd058cBUdO72LdIotlB-VQ2fzDzncv2TPPN44Guw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:53:35 GMT
age: 52884
etag: "ab137ea318dc0c4e585c4b3a1ea053489afa5c69"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
numenarts.com/css/colors/tails/in/assets/css/helpers.css
200 OK 0 B URL HTTP/1.1 numenarts.com/css/colors/tails/in/assets/css/helpers.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
GET /css/colors/tails/in/assets/css/helpers.css HTTP/1.1
Host: numenarts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://numenarts.com/css/colors/tails/in/clients/login.php??verification
Cookie: PHPSESSID=297bc3b326d67fc7675b6f4896dc7d88
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 12:34:57 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Thu, 22 Sep 2022 22:12:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5411
Content-Type: text/css
67.20.113.142
104.17.25.14
151.101.85.229
93.184.220.29
23.36.76.226