link.trkhs.com/C1D78/TK3CQ?&externalid=61d1fb4dcc70590001b02534&subid=5490_
301 Moved Permanently 0 B URL HTTP/1.1 link.trkhs.com/C1D78/TK3CQ?&externalid=61d1fb4dcc70590001b02534&subid=5490_
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
GET /C1D78/TK3CQ?&externalid=61d1fb4dcc70590001b02534&subid=5490_ HTTP/1.1
Host: link.trkhs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Date: Thu, 19 Jan 2023 06:42:11 GMT
Location: https://link.trkhs.com/C1D78/TK3CQ?&externalid=61d1fb4dcc70590001b02534&subid=5490_
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b36ef73c20dffb6bc10194bbd2d0dcfa
a67a4023dc8b4944debaeb92f3ba0f1402c079a6
05a7a4d832cf9e593ca44efea309edcbd80734583bada15fda3e740612eff991
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05A7A4D832CF9E593CA44EFEA309EDCBD80734583BADA15FDA3E740612EFF991"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2881
Expires: Thu, 19 Jan 2023 07:30:12 GMT
Date: Thu, 19 Jan 2023 06:42:11 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13999
Expires: Thu, 19 Jan 2023 10:35:30 GMT
Date: Thu, 19 Jan 2023 06:42:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 19 Jan 2023 05:49:25 GMT
content-type: application/json
age: 3166
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10410
Expires: Thu, 19 Jan 2023 09:35:41 GMT
Date: Thu, 19 Jan 2023 06:42:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wRPe4sn8Ojvol1DO/l+slMlKNOAI24sH5/3JYwy/Arvw+yyj4hfcu6WLXogvdb8fIEwdkU6/2DY=
x-amz-request-id: PBE77DF9C9DVXAW8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 19 Jan 2023 05:45:45 GMT
age: 3386
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 06:42:11 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash 7ead84838d60c7462287c21be7eeb155
1ee69116476df83f8b362140108a00e53d1d877b
06d7c6ceeaaddfca37a98bb600ac8f58eb7c8dbec660a7a95cdfac9b76852201
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=150504
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:42:11 GMT
Etag: "63c88f2b-2d7"
Expires: Sat, 21 Jan 2023 00:30:35 GMT
Last-Modified: Thu, 19 Jan 2023 00:30:35 GMT
Server: nginx
Content-Length: 727
link.trkhs.com/C1D78/TK3CQ?&externalid=61d1fb4dcc70590001b02534&subid=5490_
302 Found 0 B URL HTTP/1.1 link.trkhs.com/C1D78/TK3CQ?&externalid=61d1fb4dcc70590001b02534&subid=5490_
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
GET /C1D78/TK3CQ?&externalid=61d1fb4dcc70590001b02534&subid=5490_ HTTP/1.1
Host: link.trkhs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Content-Length: 0
Date: Thu, 19 Jan 2023 06:42:11 GMT
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache, no-store, must-revalidate
Expires: -1
Location: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Pragma: no-cache
Set-Cookie: V_1D78=638097073316511649|||||; domain=link.trkhs.com; expires=Tue, 19-Jan-2123 06:42:11 GMT; path=/; secure; SameSite=None
MREvt=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409; domain=link.trkhs.com; expires=Tue, 19-Jan-2123 06:42:11 GMT; path=/; secure; SameSite=None
MRPEvt=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409; domain=link.trkhs.com; expires=Tue, 19-Jan-2123 06:42:11 GMT; path=/; secure; SameSite=None
TRFK_EventId: NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409
X-AspNet-Version: 4.0.30319
Request-Context: appId=cid-v1:dfa34523-a7bd-4de5-a276-fe480e1ef8cd
X-Powered-By: ASP.NET
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 19 Jan 2023 05:48:57 GMT
age: 3194
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 79af32d8e279b4cfec147ab51cb6fcb3
d726903292bd1e08a6d9fe0719d2cd5b33dc5fe6
bfcb2d8f14d89736ac6b771f1618a8fc5e707691d60807a574fb719c8e9393ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5259
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:42:12 GMT
Last-Modified: Thu, 19 Jan 2023 05:14:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 727 B IP
Hash 6b0bd353b442b2001d2760e79c29e339
f9c1b5f63117ed088fc81d1e0a362c49fcf48c93
8a00564ab2ab29b2449283dcc9742b2618f3879d364f21e028740adfa77ffebf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=122789
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:42:12 GMT
Etag: "63c822e9-2d7"
Expires: Fri, 20 Jan 2023 16:48:41 GMT
Last-Modified: Wed, 18 Jan 2023 16:48:41 GMT
Server: nginx
Content-Length: 727
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uTSJeUNr34Q6W+uOwe+V3g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QxuJpYq5h4zE+PQBMXw50NpKkiQ=
w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
200 OK 23 kB URL HTTP/1.1 w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (749), with CRLF, LF line terminators
Hash 38a13261510aa623e1c97ac2920249f3
08aa7435f7d30179c2816cbd30b0d9348f8ff4a4
958ccb7cf36624486fdf5276152ce3f42e203d7ddb66bc0c7ff164c30fb08e2f
GET /2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Content-Length: 23328
Content-Type: text/html; charset=utf-8
Date: Thu, 19 Jan 2023 06:42:12 GMT
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; path=/; secure; SameSite=None
PSESS=Id=202301190642123432154804037&LA=133185841323900900; expires=Sat, 19-Jan-3022 06:42:12 GMT; path=/; secure
Vary: Accept-Encoding
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221674110305359%22
200 OK 21 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221674110305359%22
IP
File type JSON data\012- , ASCII text, with very long lines (20973), with no line terminators
Hash 3edf36a59a283f9983ecf84421578996
75ee9445627c11f6f514eb483830d9b3d551e61b
59ffe2a7c72153372d7914779c3cbe383838212c843f0877bd47a87fcccbd07e
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221674110305359%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 20973
via: 1.1 google
date: Thu, 19 Jan 2023 06:41:57 GMT
last-modified: Thu, 19 Jan 2023 06:38:25 GMT
content-type: application/json
age: 15
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
w.boxtvision.com/views/products/lib/v7-lite/style/bootstrap.min.css
200 OK 32 kB URL HTTP/1.1 w.boxtvision.com/views/products/lib/v7-lite/style/bootstrap.min.css
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65320), with CRLF line terminators
Hash 3a3cd8ed17a37a0a8555cbc89ad8d0a1
6a1e955bc77966dcdf818a2f0763256544413464
5f386f6c8a22145a991b82aa6b1a94a1257a2f01468d1e53c8698f78f2d1e06b
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
GET /views/products/lib/v7-lite/style/bootstrap.min.css HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 32198
Content-Type: text/css
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Cache-Control: public
Content-Encoding: gzip
ETag: "1D84F40E8394C00"
Expires: Fri, 20 Jan 2023 04:34:28 GMT
Last-Modified: Wed, 13 Apr 2022 14:15:20 GMT
Vary: Accept-Encoding
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.min.js
200 OK 2.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.min.js
IP
File type ASCII text, with very long lines (8152)
Hash 97c687af34ccd69fdfe48fbca70afec2
ab75720b2143215335378849e4f295a290d4d41f
748b1da138fb49f26c67ae1eaa8908da0b8c9625ad0ece81d704a7fb9a7d07b5
GET /ajax/libs/wow/1.1.2/wow.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 06:42:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 2346
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04033-1ff6"
last-modified: Mon, 04 May 2020 16:17:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5571400
expires: Tue, 09 Jan 2024 06:42:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGKUF1LKW0Ug8WviYqGfzXT%2B85EA%2BL63hLVsOk%2FXYkUCVsazW0H2aLwZxPGSLhHiY3SgdJiYvyaW1UmLrwhJL0jdR3GV6W4UKU%2BWf%2FtB%2BSiu5m%2FtwD1bALP3SZAnbsscnGk5F355"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78bd96cd8cbcb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/es6-shim/0.33.3/es6-shim.min.js
200 OK 12 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/es6-shim/0.33.3/es6-shim.min.js
IP
File type ASCII text, with very long lines (32019)
Hash 1d3623a88e88ee8e406f4e0f7ef70872
4d0afc789b96b8d9d56efcac4e084bcdb8a3cbef
428e96a68bece8cecb74b97bd7bf925f55ad623b91ab2e716c2af9d41f19d687
GET /ajax/libs/es6-shim/0.33.3/es6-shim.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 06:42:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 12540
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e54-bd42"
last-modified: Mon, 04 May 2020 16:09:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 9681191
expires: Tue, 09 Jan 2024 06:42:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qpbqr3CjpYC1RRhF9ErMIzEtV18cwG%2Fwb%2FDfOT9djXG97WqOA0rZDK0q%2FmQGdIS8tuaYlCkge2ZGn1AVWTS09IK5sVXVh5DSeav9VWzc5qKk1rKcZB8yjyaUCEBzs4%2BeLpYBFt4y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78bd96cd8cbfb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/systemjs/0.19.20/system-polyfills.js
200 OK 4.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/systemjs/0.19.20/system-polyfills.js
IP
File type ASCII text, with very long lines (13857)
Hash 9ed9afb279ddeec94a8b28b6894f57a2
921b84d91da8662719063511b46e8288f4751cd4
d46fe858fb13b435b92ba715fa4b83ed30cf35dd8914c39ed4164bcb07729cff
GET /ajax/libs/systemjs/0.19.20/system-polyfills.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 06:42:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 4019
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ff8-3697"
last-modified: Mon, 04 May 2020 16:16:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5571759
expires: Tue, 09 Jan 2024 06:42:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFgypXMXNly%2FdaVlUVjTAri0VznNK1kL%2FXju5kKxLbhOuCiSqyV2ZweqECTkppq6WwpVJR0g5K9sXebFMmidxmfhSHNccfsssd%2BF7xjsgTETwFFBUDomZ6ftLF6MtOufcURn3VB%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78bd96cd8cc5b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
w.boxtvision.com/views/products/lib/v7-lite/packages/ui-router.min.js
200 OK 45 kB URL HTTP/1.1 w.boxtvision.com/views/products/lib/v7-lite/packages/ui-router.min.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (64987), with CRLF line terminators
Hash a0eb53f5e42b642e3cacc08123d41c35
ebd579dc0febdb8bf95fa52c912152fd15b70d87
a1ee9e805c6edfa1c831e8f53cfe2fb5007b4745926688b90be47363ef583d76
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
fortinet Phishing
GET /views/products/lib/v7-lite/packages/ui-router.min.js HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 44934
Content-Type: application/x-javascript
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Cache-Control: public
Content-Encoding: gzip
ETag: "1D84F40E7081F00"
Expires: Fri, 20 Jan 2023 03:25:28 GMT
Last-Modified: Wed, 13 Apr 2022 14:15:18 GMT
Vary: Accept-Encoding
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
w.boxtvision.com/views/products/lib/v7-lite/style/main.css
200 OK 0 B URL HTTP/1.1 w.boxtvision.com/views/products/lib/v7-lite/style/main.css
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
GET /views/products/lib/v7-lite/style/main.css HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/css
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Cache-Control: public
ETag: "1D84F40E8394C00"
Expires: Fri, 20 Jan 2023 04:37:37 GMT
Last-Modified: Wed, 13 Apr 2022 14:15:20 GMT
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
w.boxtvision.com/views/products/lib/v7-lite/packages/angular-sanitize.min.js
200 OK 4.2 kB URL HTTP/1.1 w.boxtvision.com/views/products/lib/v7-lite/packages/angular-sanitize.min.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1257), with CRLF line terminators
Hash 8c2b7f369873e4ffa8ae6f8288719ab5
29b64a10fe590d5df87485658c2c910292b9ac3e
b32f13bf112d29afeb1f275b05d46adb4369cb3106334b11118e132b4cf27689
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
fortinet Phishing
GET /views/products/lib/v7-lite/packages/angular-sanitize.min.js HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 4171
Content-Type: application/x-javascript
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Cache-Control: public
Content-Encoding: gzip
ETag: "1D84F40E4A5C500"
Expires: Fri, 20 Jan 2023 04:37:37 GMT
Last-Modified: Wed, 13 Apr 2022 14:15:14 GMT
Vary: Accept-Encoding
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
w.boxtvision.com/views/products/lib/v7-lite/style/animate.min.css
200 OK 6.8 kB URL HTTP/1.1 w.boxtvision.com/views/products/lib/v7-lite/style/animate.min.css
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (57790), with CRLF line terminators
Hash a82648fae3ff53a7db2404023bbeb3cf
c2a5405d5bbd1ccf13eb346720c0c58107e97e90
c3cd3db8f34b50db26a16ff660b21fddfe9759b1ab9115da2233f54bd2c66e17
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
GET /views/products/lib/v7-lite/style/animate.min.css HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 6797
Content-Type: text/css
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Cache-Control: public
Content-Encoding: gzip
ETag: "1D84F40E8394C00"
Expires: Fri, 20 Jan 2023 03:36:57 GMT
Last-Modified: Wed, 13 Apr 2022 14:15:20 GMT
Vary: Accept-Encoding
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
w.boxtvision.com/views/Products/6656/assets/css/style.css
200 OK 3.3 kB URL HTTP/1.1 w.boxtvision.com/views/Products/6656/assets/css/style.css
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (5550)
Hash 367ee114bb334b0e94ff017d21c55c8c
45c96148a4134266d75c4993c76476a47e6b05a5
a210d9e11b27a9b9d576e0963db7bc0c9189f1a8967aa8917ad5a4cd0e862ee0
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
GET /views/Products/6656/assets/css/style.css HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 3306
Content-Type: text/css
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Cache-Control: public
Content-Encoding: gzip
ETag: "1D7C500EB5AFE80"
Expires: Fri, 20 Jan 2023 03:36:57 GMT
Last-Modified: Tue, 19 Oct 2021 15:49:37 GMT
Vary: Accept-Encoding
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
w.boxtvision.com/views/products/lib/v7-lite/packages/jquery-3.1.1.min.js
200 OK 39 kB URL HTTP/1.1 w.boxtvision.com/views/products/lib/v7-lite/packages/jquery-3.1.1.min.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 09f6bd206b0e6b457a3b9b0c5fac11d8
55e6c911fea1e395cd018fa567c059d716e6271e
fcea748b73069c9c80ca305bec81278a03e68cef0dc1b14c2f48c8bb3ea75846
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
fortinet Phishing
GET /views/products/lib/v7-lite/packages/jquery-3.1.1.min.js HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 38885
Content-Type: application/x-javascript
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Cache-Control: public
Content-Encoding: gzip
ETag: "1D84F40E5D6F200"
Expires: Fri, 20 Jan 2023 04:37:37 GMT
Last-Modified: Wed, 13 Apr 2022 14:15:16 GMT
Vary: Accept-Encoding
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
w.boxtvision.com/views/products/lib/v7-lite/packages/angular-cookies.min.js
200 OK 988 B URL HTTP/1.1 w.boxtvision.com/views/products/lib/v7-lite/packages/angular-cookies.min.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (555), with CRLF line terminators
Hash 19ca1bafdd53823b1bb1165822aef09f
499ecb518432296c61267da3bce13e41c24f7a31
6d356424f563115abe168718d9e0ebbdc06d3129d7a6b67208391869fdfaa664
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
fortinet Phishing
GET /views/products/lib/v7-lite/packages/angular-cookies.min.js HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 988
Content-Type: application/x-javascript
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Cache-Control: public
Content-Encoding: gzip
ETag: "1D84F40E4A5C500"
Expires: Fri, 20 Jan 2023 04:37:37 GMT
Last-Modified: Wed, 13 Apr 2022 14:15:14 GMT
Vary: Accept-Encoding
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
w.boxtvision.com/views/products/lib/v7-lite/packages/jquery.payment.min.js
200 OK 5.0 kB URL HTTP/1.1 w.boxtvision.com/views/products/lib/v7-lite/packages/jquery.payment.min.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (388), with CRLF line terminators
Hash 7c208c5325f49f9e725ab667d286db6b
ee3e5de52d6cebaaab42f43305dfac364a7ed646
76b5015849e0efef7cc80fd03356313cff65638284021ef7a96797e2ef00ba00
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
fortinet Phishing
GET /views/products/lib/v7-lite/packages/jquery.payment.min.js HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 5039
Content-Type: application/x-javascript
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Cache-Control: public
Content-Encoding: gzip
ETag: "1D84F40E66F8880"
Expires: Fri, 20 Jan 2023 04:37:38 GMT
Last-Modified: Wed, 13 Apr 2022 14:15:17 GMT
Vary: Accept-Encoding
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
w.boxtvision.com/views/products/lib/v7-lite/packages/jquery.validate.min.js
200 OK 8.5 kB URL HTTP/1.1 w.boxtvision.com/views/products/lib/v7-lite/packages/jquery.validate.min.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (21445), with CRLF line terminators
Hash 6c24218955f2dec44867606f2bf4f982
f088d4f9d1268b31a05ccf58055be1197a31c43f
e4b8340b01bb905aba0ff1693707355097d93136858c45e2b3dfcc13d4d736cc
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
fortinet Phishing
GET /views/products/lib/v7-lite/packages/jquery.validate.min.js HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 8492
Content-Type: application/x-javascript
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Cache-Control: public
Content-Encoding: gzip
ETag: "1D84F40E66F8880"
Expires: Fri, 20 Jan 2023 04:37:38 GMT
Last-Modified: Wed, 13 Apr 2022 14:15:17 GMT
Vary: Accept-Encoding
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
w.boxtvision.com/views/products/lib/v7-lite/packages/angular.min.js
200 OK 78 kB URL HTTP/1.1 w.boxtvision.com/views/products/lib/v7-lite/packages/angular.min.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (672), with CRLF line terminators
Hash 97e7f2056a251b22debcf1843a8baf37
601c28c263b7501192e22c93a606abd417c7728a
8150fd0664f4e58b68c810cfd55a9790203835c39ef9b11d6fc1495c5c67cedf
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
fortinet Phishing
GET /views/products/lib/v7-lite/packages/angular.min.js HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Cache-Control: public
Content-Encoding: gzip
ETag: "1D84F40E53E5B80"
Expires: Fri, 20 Jan 2023 03:36:57 GMT
Last-Modified: Wed, 13 Apr 2022 14:15:15 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
w.boxtvision.com/views/products/lib/v7-lite/packages/jquery.ui.min.js
200 OK 86 kB URL HTTP/1.1 w.boxtvision.com/views/products/lib/v7-lite/packages/jquery.ui.min.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (32157), with CRLF line terminators
Hash bff701ae959f913eb6317e36585b9cf6
40c296f6d00473d546962a9565c0e317b35121aa
a2a88bf9e1ef6bc80621b0d244ccd30b20b7e1bc1b3872e10708c5857e0f7922
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
fortinet Phishing
GET /views/products/lib/v7-lite/packages/jquery.ui.min.js HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Cache-Control: public
Content-Encoding: gzip
ETag: "1D84F40E66F8880"
Expires: Fri, 20 Jan 2023 03:36:58 GMT
Last-Modified: Wed, 13 Apr 2022 14:15:17 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
w.boxtvision.com/views/Products/6656/favicon.png
200 OK 2.6 kB URL HTTP/1.1 w.boxtvision.com/views/Products/6656/favicon.png
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 60 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash 64f121cef7c903a252f2fe78bbafa024
73dd2e491841a04f83cd72cd5a9aadd6c54dd3f4
fa53c9b6bf28f2f2b0b90b6dc2e76545be0313993459bbd2da80e152ae974b4e
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
GET /views/Products/6656/favicon.png HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2592
Content-Type: image/png
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Cache-Control: public
ETag: "1D7C41788416D00"
Expires: Fri, 20 Jan 2023 00:42:40 GMT
Last-Modified: Mon, 18 Oct 2021 11:58:58 GMT
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
w.boxtvision.com/views/Products/6656/templates/core.html
200 OK 192 B URL HTTP/1.1 w.boxtvision.com/views/Products/6656/templates/core.html
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 719c8c8556e89bc602428f57b5a2d826
045fdec745e9a41dde5d3f540b426f2ddf1f8a2f
a20348294f8e0dea5dde1b411ea9ebd3ba99dcfe12f9012cc6f5c02e18ffd8d0
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
fortinet Phishing
GET /views/Products/6656/templates/core.html HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 192
Content-Type: text/html
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "432c63c7bc4d71:0"
Last-Modified: Mon, 18 Oct 2021 10:34:49 GMT
Vary: Accept-Encoding
w.boxtvision.com/views/Products/6656/templates/header.html
200 OK 0 B URL HTTP/1.1 w.boxtvision.com/views/Products/6656/templates/header.html
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
fortinet Phishing
GET /views/Products/6656/templates/header.html HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/html
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
ETag: "6cf828687c4d71:0"
Last-Modified: Mon, 18 Oct 2021 10:03:32 GMT
w.boxtvision.com/views/Products/6656/templates/footer.html
200 OK 0 B URL HTTP/1.1 w.boxtvision.com/views/Products/6656/templates/footer.html
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
fortinet Phishing
GET /views/Products/6656/templates/footer.html HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/html
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
ETag: "a0cc17687c4d71:0"
Last-Modified: Mon, 18 Oct 2021 10:03:32 GMT
w.boxtvision.com/views/Products/6656/views/homepage.html
200 OK 2.3 kB URL HTTP/1.1 w.boxtvision.com/views/Products/6656/views/homepage.html
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash bcb112bb5971ce9c394d3d7e44a59387
4205582dfc1968d6ae79e8726ad6bd0efd7772af
d11511807561e9e3d53a67dea12873ccb406e1631a28d667e64097209dad025d
Analyzer Verdict Alert fortinet Phishing
GET /views/Products/6656/views/homepage.html HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2348
Content-Type: text/html
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "48c51245f515d91:0"
Last-Modified: Thu, 22 Dec 2022 11:05:15 GMT
Vary: Accept-Encoding
w.boxtvision.com/views/Products/6656/assets/img//logo.png
200 OK 4.4 kB URL HTTP/1.1 w.boxtvision.com/views/Products/6656/assets/img//logo.png
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 224 x 62, 8-bit/color RGBA, non-interlaced\012- data
Hash d7f48b3f5310508b8ef5359876c2dc3d
c79dff2b38b48608fcedbdf8d6185f7dd7bac2ff
2a62a61435578e7fbc7544f1cf2b2c45568078de558e8fbc8265e8c6e49aebc0
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
GET /views/Products/6656/assets/img//logo.png HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 4406
Content-Type: image/png
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Cache-Control: public
ETag: "1D7C417ADCE7680"
Expires: Fri, 20 Jan 2023 03:36:58 GMT
Last-Modified: Mon, 18 Oct 2021 12:00:01 GMT
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
w.boxtvision.com/views/Products/6656/assets/img//cc-logos.png
200 OK 5.1 kB URL HTTP/1.1 w.boxtvision.com/views/Products/6656/assets/img//cc-logos.png
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 128 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 44210258ec05ee780be113a2ccd3fe91
6464c50e5f8c7b042d7116531a1fff444351f22e
f836db9815459128a9455e2a117b0eee42a8b4a0ed1c2fb4337088c1864f6686
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
GET /views/Products/6656/assets/img//cc-logos.png HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 5055
Content-Type: image/png
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Cache-Control: public
ETag: "1D7C41BB0CB6600"
Expires: Fri, 20 Jan 2023 03:36:58 GMT
Last-Modified: Mon, 18 Oct 2021 12:28:44 GMT
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
w.boxtvision.com/views/Products/6656/assets/img//us-flag.png
200 OK 3.7 kB URL HTTP/1.1 w.boxtvision.com/views/Products/6656/assets/img//us-flag.png
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 701600eb4265f103084cf58cee663e89
cae157eb6a22ae0692404661b2f554e663f414d4
2d1bef872851eff0b8f19d536103cf0b6431534ac1cbaebe1f9138f12eac7f8a
Analyzer Verdict Alert urlquery fraud Fraud - Generic scam or fraud
urlquery fraud Fraud - Generic scam or fraud
GET /views/Products/6656/assets/img//us-flag.png HTTP/1.1
Host: w.boxtvision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.boxtvision.com/2BD?cmpid=401517&aid=500174&subid=5490_&trfk_id=NEU_X01_01_ae3ff4c9-0560-4633-8e2e-536903159bae_20230119.4e7fd4f8-6c59-40a6-a135-7964147145e3_064211557_1260245409&sub7=&sub8=&name=&lastname=&street=&city=&zip=&state=&phone=&email=&jjxy=dds
Cookie: SESS=Id=202301190642123432154804037&LA=133185841323900900; PSESS=Id=202301190642123432154804037&LA=133185841323900900
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 3707
Content-Type: image/png
Date: Thu, 19 Jan 2023 06:42:12 GMT
Accept-Ranges: bytes
Cache-Control: public
ETag: "1D7C41BCFC9F800"
Expires: Fri, 20 Jan 2023 00:42:41 GMT
Last-Modified: Mon, 18 Oct 2021 12:29:36 GMT
Request-Context: appId=cid-v1:96d48fd8-6189-497b-9289-4bc1bcaa1518
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2807
Expires: Thu, 19 Jan 2023 07:29:00 GMT
Date: Thu, 19 Jan 2023 06:42:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2807
Expires: Thu, 19 Jan 2023 07:29:00 GMT
Date: Thu, 19 Jan 2023 06:42:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2807
Expires: Thu, 19 Jan 2023 07:29:00 GMT
Date: Thu, 19 Jan 2023 06:42:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2807
Expires: Thu, 19 Jan 2023 07:29:00 GMT
Date: Thu, 19 Jan 2023 06:42:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f0e28e6-b0e8-4d6a-86c1-1fc0c9c5513e.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f0e28e6-b0e8-4d6a-86c1-1fc0c9c5513e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f69a0610e549f99b84e2ac1355ec1d6
c957e6d925e932c8f4939b5b723bccb532b5bf44
0304ec77a98bcd152446d03f4d630304bb6362d3ff99c58c883ebeb3f1448130
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f0e28e6-b0e8-4d6a-86c1-1fc0c9c5513e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8665
x-amzn-requestid: d4ef9b00-3cff-4ca0-be67-39074ca71996
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewYQuE1NIAMFymQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c33a6a-57f41f0a286ffffd2ca5ee8b;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 23:27:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ESbnZ69JgaSSqmynXtDLCCkPi9I3KeFPISrQUr1WMJWQBIyxhTHW5w==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 17:37:08 GMT
age: 47105
etag: "c957e6d925e932c8f4939b5b723bccb532b5bf44"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 511bbd0c410838e4a978d471d361d876
706be1b2636ad65bf5fe78ef7301af472c015275
e124c1ba6059fb613d0ab8f7ad37f4524323e7bbde851f78e9e5727c7d20f19f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9916
x-amzn-requestid: 42bb326d-889c-4b91-b989-47c1fd650afa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e96pVF61oAMF76g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8a4a1-2f33e6be45e298a7120d1119;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 02:02:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 68BfqCCeDzqQURstD87lSuWaXjwrqVQnXX8ws6EeFfQtbu_ad9JEgw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 02:14:04 GMT
age: 16089
etag: "706be1b2636ad65bf5fe78ef7301af472c015275"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94ef2ebf-b368-4c49-877b-a14ed2f748c4.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94ef2ebf-b368-4c49-877b-a14ed2f748c4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e0a101619de7c42082cb54416bf0cba0
a759ba4a1a95674e9b8c7146ba748826d22bc60f
7b75ffde64861431963ec226259f03d3848aada46f611962d10dff8a4aa88bd4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94ef2ebf-b368-4c49-877b-a14ed2f748c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4017
x-amzn-requestid: 3f89e17a-7a8d-460b-9bea-ee8c23b88379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3nBpFr9oAMFbbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61ed7-21c5578f084a3f36640ac14e;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 04:06:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QZKDFQMsEJJbTgg9f3qDQLIy3VXn9gLaX9OX4aalwKqbvqektWwZQA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 17:34:10 GMT
age: 47283
etag: "a759ba4a1a95674e9b8c7146ba748826d22bc60f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee23b50996d59e5b3d4d99af0d0bc05f
76fbdbd85092cb841ca269206de46cc1b6e0f215
20e83f1e7f48eaee8f946958d4bd94d0c876dd2fdab85f3c4dfe088d7726e0eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6902
x-amzn-requestid: eac4818f-27cf-4e74-967f-ba9b761e236f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0uNuF0QIAMFUEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4f724-3a8ae0ba482b10f04c90c3b5;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 07:05:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AKGI_lQSNDKkYkcLfgIsQOt8ghMJbouQt26TehAyOBDEkg0ZU-L_Tw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 07:32:30 GMT
age: 83383
etag: "76fbdbd85092cb841ca269206de46cc1b6e0f215"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b015242ebdda9cc22cfe6741d2e926f1
76072223007cd11c6f7b9fda8f01818ab0fea740
b7a72c737cac91c83c39718de999bc6ff0ec4ede63342e86407190d95e60d9a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6908
x-amzn-requestid: 5f0a0b3b-1d4c-450e-bcd5-481bda79f4e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eq1qQHwYIAMF-IQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1030e-62d053e35c8ab2374fd2fe35;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 07:06:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1eiEXaC2jHawVVHg6KAlFvdV7ZMpXdCaN8o36sbYL9WwPvXejGobKA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 17:36:56 GMT
age: 47117
etag: "76072223007cd11c6f7b9fda8f01818ab0fea740"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa13fdc43-f169-4fe6-a14b-6ed62c4d08cc.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa13fdc43-f169-4fe6-a14b-6ed62c4d08cc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7817aa566a3271f82153811b756bb90f
6be8688f3b8d2f053afed5c09d00e71ad9210258
1ec4a11d1598683001714eb1a130c5ba96c37aef0e43623a17780f848543b1c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa13fdc43-f169-4fe6-a14b-6ed62c4d08cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7864
x-amzn-requestid: 932e4550-d62d-448d-b60d-d3c62944c86c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fnEEVOIAMFZcA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c612f9-0977cfca7fe22f83168e5d9e;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WSyQEwTUUN83EL9C9y9VPDzKnNjBXSmvcO5SfTuvIKPCDurKTM-oEg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 03:43:12 GMT
age: 10741
etag: "6be8688f3b8d2f053afed5c09d00e71ad9210258"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
52.169.78.163
34.117.237.239
104.40.147.216
23.36.77.32
93.184.220.29
104.17.25.14