Report - marriotthalifax.janus-app.com

Report Overview

Submitted URL
marriotthalifax.janus-app.com
IP
20.124.117.92
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-03-28 11:29:34
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
marriotthalifax.janus-app.com	unknown	2023-03-23T03:18:36Z	2023-03-28T13:27:22Z	871 B	258 B	20.124.117.92
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	8.6 kB	68 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	238 B	34.117.65.55
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-29T11:45:01Z	341 B	739 B	192.229.221.95
shavar.services.mozilla.com	3602	2015-09-28T08:30:01Z	2023-03-29T05:09:31Z	453 B	204 B	44.241.53.229
detectportal.firefox.com	1601	2018-08-30T11:52:03Z	2023-03-29T05:09:30Z	606 B	428 B	34.107.221.82
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	3.4 kB	8.9 kB	23.36.77.32
getpocket.cdn.mozilla.net	1369	2018-08-28T15:15:36Z	2023-03-29T09:09:45Z	435 B	47 kB	34.120.5.221
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	840 B	12 kB	34.160.144.191
firefox-settings-attachments.cdn.mozilla.net	11509	2019-11-30T10:32:57Z	2023-03-29T09:43:54Z	412 B	808 kB	34.111.73.144
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	66 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (46)

	URL	IP	Response	Size
	detectportal.firefox.com/success.txt?ipv4	34.107.221.82	200 OK	8 B
URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4 IP 34.107.221.82:0 ASN #15169 GOOGLE File type ASCII text Size 8 B (8 bytes) Hash ae780585f49b94ce1444eb7d28906123 7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5 HTTP Headers `GET /success.txt?ipv4 HTTP/1.1 Host: detectportal.firefox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Length: 8 Via: 1.1 google Date: Tue, 28 Mar 2023 03:13:09 GMT Age: 29768 Content-Type: text/plain Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 93f633ce30c038eb581544323c5a971e 2f60526cb750c6babccc207f75fb5a8ae6f7598b 0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8" Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2596 Expires: Tue, 28 Mar 2023 12:12:34 GMT Date: Tue, 28 Mar 2023 11:29:18 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 710a535aaa1450fafb8bdd6b36beb8b6 b8e939b2be6c874de3930bf80bfe9dc2dbb58c59 1f56eee1c433abbe6b5a60dc91cbf0340a2e5ef13c59352683df3e828919d8ce HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "1F56EEE1C433ABBE6B5A60DC91CBF0340A2E5EF13C59352683DF3E828919D8CE" Last-Modified: Tue, 28 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5478 Expires: Tue, 28 Mar 2023 13:00:36 GMT Date: Tue, 28 Mar 2023 11:29:18 GMT Connection: keep-alive`

	getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30	34.120.5.221	200 OK	46 kB
URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 IP 34.120.5.221:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators Size 46 kB (46500 bytes) Hash 340c42bb1fdce076400bec2e6f1b0067 066a797ae2d8f330b2fe65f6553fa9f85d08a5a3 5fa8b6d1c13bb84f7c1f74dd0a3fa6891540ef05abd513b5b9d9aa3c4d0f9852 HTTP Headers `GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 Host: getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx content-location: global-recs.php tcn: choice x-frame-options: SAMEORIGIN status: 200 OK x-source: Pocket pragma: cache p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE" x-cache: Miss from cloudfront x-amz-cf-pop: SEA73-P2 x-amz-cf-id: gEvox1-WwIVAJR__mi3Tp33U6ch96YOyz8teCimDAfIJfxOw9UhIdQ== content-encoding: gzip via: 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 11:16:34 GMT content-type: application/json vary: Accept-Encoding content-length: 46500 age: 764 cache-control: s-maxage=900,public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c0d9353dc46e88bf564ed464b0b073c7 0b5ce170e7db24267a3ba5b79a48548b1acd2e5b 7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B" Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3673 Expires: Tue, 28 Mar 2023 12:30:31 GMT Date: Tue, 28 Mar 2023 11:29:18 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: 0tmX2BiW8K0KVqVbOHh2k/1DScsIu95LbU2QcmpyNODCiuw/GhtxqppQu/6R2S2fKIiOMTeispM= x-amz-request-id: 91AJVHAV9YFBN6GA content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 28 Mar 2023 11:27:25 GMT last-modified: Fri, 30 Sep 2022 18:50:55 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" content-type: binary/octet-stream age: 113 cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 911d74784325663a0d95b463b0e9ae9b 21e999229be584d8e42696bce71236ad5bcb9a25 f48cbe4d605e660a45267400e0add4f7bc7cd523c450376ecd8e3a7f094abf56 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "F48CBE4D605E660A45267400E0ADD4F7BC7CD523C450376ECD8E3A7F094ABF56" Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4602 Expires: Tue, 28 Mar 2023 12:46:00 GMT Date: Tue, 28 Mar 2023 11:29:18 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash ed282214b024a7895d90e229e92bb1cc 1f447aa59287ce2b45860a1a909d005a41305f77 a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Content-Type, Backoff, Content-Length, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 28 Mar 2023 11:28:03 GMT content-type: application/json age: 75 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Tue, 28 Mar 2023 11:29:18 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a740252e7b24892a3e34f6dfed6e3bde d44d21abb95edd1ccc775632254f11ee94fb585e e289995a2b4b340364dd7dfa32c79c7722ece6cc4b893b38fc68bbce680d2f94 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E289995A2B4B340364DD7DFA32C79C7722ECE6CC4B893B38FC68BBCE680D2F94" Last-Modified: Mon, 27 Mar 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6644 Expires: Tue, 28 Mar 2023 13:20:02 GMT Date: Tue, 28 Mar 2023 11:29:18 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Last-Modified, Content-Type, Backoff, Expires, Retry-After, Content-Length, Alert, Cache-Control, Pragma, ETag content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 28 Mar 2023 11:14:35 GMT age: 883 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	push.services.mozilla.com/	34.117.65.55	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 34.117.65.55:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: ydoVHipl/910q0TuXUH/sg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: +9DHVp+FnJzu+HsNhWDOqEEVao4= Date: Tue, 28 Mar 2023 11:29:18 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	ocsp.digicert.com/	192.229.221.95	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 34a742f8916459135b4c1a7c2318b0d8 cbbf9dd38f61a39333f582fb74e00fc5eb261e3f 2ca8c1eaedc55e9d815ce661e25977a122efe983f87cb7648fb5b1607bb0f42d HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1455 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Tue, 28 Mar 2023 11:29:18 GMT Last-Modified: Tue, 28 Mar 2023 11:05:03 GMT Server: ECAcc (ska/F7A5) X-Cache: HIT Content-Length: 471`

	marriotthalifax.janus-app.com/	20.124.117.92	404 Not Found	0 B
URL HTTP/2 marriotthalifax.janus-app.com/ IP 20.124.117.92:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: marriotthalifax.janus-app.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` `HTTP/2 404 Not Found content-length: 0 server: Microsoft-HTTPAPI/2.0 date: Tue, 28 Mar 2023 11:29:17 GMT X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221680001040361%22	35.241.9.150	200 OK	4.6 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221680001040361%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (22067), with no line terminators Size 4.6 kB (4627 bytes) Hash 4795f4d962cdfaa7d517d78ce6266c0f ff68824e9c886a786ccf2b32578962c9aa0f85ed 6c8d00bab1c7af182265129fad5dbe7c87faaa00160359bfb2a48880e7a803bc HTTP Headers `GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221680001040361%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff via: 1.1 google content-encoding: br accept-ranges: none date: Tue, 28 Mar 2023 11:03:23 GMT last-modified: Tue, 28 Mar 2023 10:57:20 GMT content-type: application/json vary: Accept-Encoding content-length: 4627 age: 1555 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2	44.241.53.229	200 OK	8 B
URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2 IP 44.241.53.229:0 ASN #16509 AMAZON-02 File type ASCII text Size 8 B (8 bytes) Hash 29fc57841962e407cb50c1be60284bf7 ce968a77e2996da5eee8925182318f171ccdce47 ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b HTTP Headers `POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1 Host: shavar.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 773 Connection: close Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: none Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/octet-stream Date: Tue, 28 Mar 2023 11:29:18 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Length: 8 Connection: Close`

	firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22	35.241.9.150	200 OK	2.5 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (9104), with no line terminators Size 2.5 kB (2454 bytes) Hash 59fe3dfef56f5b68c809f712374f93ea e02f0151bfaca51594bb750ff1bb4897b414728c d5a07de5871db5525e9f370dcd7f54729f3b73acc4ac5ae6459c9727b0d5b056 HTTP Headers `GET /v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Content-Type, Backoff, Content-Length, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff via: 1.1 google content-encoding: br accept-ranges: none content-length: 2454 date: Tue, 28 Mar 2023 11:27:25 GMT age: 113 last-modified: Sun, 26 Mar 2023 16:36:44 GMT content-type: application/json vary: Accept-Encoding cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK x-amz-id-2: mCoC8GI8m+E5INRt2CzmWw5GqFVsMx64OxenEykOK2y4LE1JVup/Xs1JNlq3PJiurXQekePxvK0= x-amz-request-id: K7TVGV7DH3GV4BPB x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 28 Mar 2023 11:02:01 GMT age: 1637 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	marriotthalifax.janus-app.com/favicon.ico	20.124.117.92	404 Not Found	0 B
URL HTTP/2 marriotthalifax.janus-app.com/favicon.ico IP 20.124.117.92:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: marriotthalifax.janus-app.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://marriotthalifax.janus-app.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 404 Not Found content-length: 0 server: Microsoft-HTTPAPI/2.0 date: Tue, 28 Mar 2023 11:29:17 GMT X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1679013443657&_since=%221666204638208%22	35.241.9.150	200 OK	11 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1679013443657&_since=%221666204638208%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (40040), with no line terminators Size 11 kB (11030 bytes) Hash e01332767706e6297e9dbe0c3208b302 fd12ef5a56ef809d1a70276fbe4c57e873e83aba 0f493ebde1c33a888b617fd0ed711eaa286f4421951a0ea533794e7cee06fa1a HTTP Headers `GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1679013443657&_since=%221666204638208%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Content-Length, Backoff, Alert, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff via: 1.1 google content-encoding: br accept-ranges: none content-length: 11030 date: Tue, 28 Mar 2023 11:03:43 GMT age: 1536 last-modified: Fri, 24 Mar 2023 16:36:43 GMT content-type: application/json vary: Accept-Encoding cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 7f03faaba3392caae6dae54467bfdf6d 57ea1f14e8bfbcca8190c706d708c9fda12442c1 02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 28 Mar 2023 11:15:51 GMT content-type: application/json age: 808 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 67066d4d6dcd9e995083fc1fed508034 b7c3165a3fbbcad47603e8711186d261a4666aeb 1fc21875e471cc95167611656b2a0e9c578f21defe34ce5ea1388d274df5b5b7 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "1FC21875E471CC95167611656B2A0E9C578F21DEFE34CE5EA1388D274DF5B5B7" Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8524 Expires: Tue, 28 Mar 2023 13:51:23 GMT Date: Tue, 28 Mar 2023 11:29:19 GMT Connection: keep-alive`

	firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin	34.111.73.144	200 OK	807 kB
URL HTTP/2 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin IP 34.111.73.144:0 ASN #15169 GOOGLE File type data Size 807 kB (807180 bytes) Hash 914be443bdfbe8a1c3ded61e1c114bd6 4fe7c5ff83f6a29e6699f4cebc17550891504661 41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857 HTTP Headers `GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1 Host: firefox-settings-attachments.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: 59G7qTJQiLuRHxxSkAS7i5JoVkPmSxvoUFSiSuMU5NDxXetcSPNyHZPUwj7u+afDVOleH+O6SLE= x-amz-request-id: RWFC6R5QJM79BGGV x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7 accept-ranges: bytes server: AmazonS3 content-length: 807180 via: 1.1 google date: Thu, 23 Mar 2023 11:49:19 GMT age: 430800 last-modified: Tue, 10 Jan 2023 12:38:46 GMT etag: "914be443bdfbe8a1c3ded61e1c114bd6" content-type: application/octet-stream cache-control: public,max-age=604800 alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1679961666419&_since=%221666483264567%22	35.241.9.150	200 OK	16 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1679961666419&_since=%221666483264567%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators Size 16 kB (16066 bytes) Hash c34b347ec6fb5f2518b5ad22b141c79b 9f56e1ecf9cdd0c5db8baa171d065b94aaa404b6 cbf7e60db665b29f3a1e54e796aec6fe8a534dc5265bd0efa4364884cac628d1 HTTP Headers GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1679961666419&_since=%221666483264567%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff via: 1.1 google content-encoding: br accept-ranges: none date: Tue, 28 Mar 2023 10:31:06 GMT last-modified: Tue, 28 Mar 2023 00:01:06 GMT content-type: application/json vary: Accept-Encoding content-length: 16066 age: 3493 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1679956624429&_since=%221666279968541%22	35.241.9.150	200 OK	7.7 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1679956624429&_since=%221666279968541%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (65536), with no line terminators Size 7.7 kB (7669 bytes) Hash ad3e2fac56a52b8b993ca1878c5430ad c8b81dcf2411f08a7e4bb8025a7f687dbfc80591 4288ea622f00987e95f0498a6b04b0121bda715f5e9413ddeeb6044bf232f833 HTTP Headers `GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1679956624429&_since=%221666279968541%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff via: 1.1 google content-encoding: br accept-ranges: none content-length: 7669 date: Tue, 28 Mar 2023 11:10:48 GMT age: 1111 last-modified: Mon, 27 Mar 2023 22:37:04 GMT content-type: application/json vary: Accept-Encoding cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	detectportal.firefox.com/success.txt?ipv4	34.107.221.82	200 OK	8 B
URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4 IP 34.107.221.82:0 ASN #15169 GOOGLE File type ASCII text Size 8 B (8 bytes) Hash ae780585f49b94ce1444eb7d28906123 7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5 HTTP Headers `GET /success.txt?ipv4 HTTP/1.1 Host: detectportal.firefox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Length: 8 Via: 1.1 google Date: Tue, 28 Mar 2023 03:13:09 GMT Age: 29770 Content-Type: text/plain Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258	35.241.9.150	200 OK	682 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators Size 682 B (682 bytes) Hash 1e047b83920b53efa84372fbf1a81bee e2404b9c4d03d1c58e71884919a54c2f9a3dedfd 7e9d0acd7bc581de92f53a81423bd582b348c3c871a02cd7b26229313d5e6013 HTTP Headers `GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 682 via: 1.1 google date: Tue, 28 Mar 2023 10:39:09 GMT age: 3010 last-modified: Sat, 25 Mar 2023 16:36:56 GMT etag: "1679762216708" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22	35.241.9.150	200 OK	702 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (1251), with no line terminators Size 702 B (702 bytes) Hash 17163af62980cf4f6e3eda0b59dd0d8a bcf687c3fa6eb3b1cee4901c60ff29cbfd5ce7df 57972bab0c08b19c260f8ecac69d8d42ea34e9cd517084445c941f0d9f9c6d63 HTTP Headers `GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Backoff, Retry-After, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff via: 1.1 google content-encoding: br accept-ranges: none content-length: 702 date: Tue, 28 Mar 2023 10:56:13 GMT age: 1986 last-modified: Sat, 25 Mar 2023 16:36:46 GMT content-type: application/json vary: Accept-Encoding cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22	35.241.9.150	200 OK	846 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (1742), with no line terminators Size 846 B (846 bytes) Hash d7a6f5edd7f53223b5d17f407b9b613b b95fbcf807caf612890fe75dae89c054c0405f7a 7ec92905fab579bbd07ae43a74abcc0353a66d3c44f69e69a064f64872c0e4cc HTTP Headers `GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Backoff, Retry-After, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff via: 1.1 google content-encoding: br accept-ranges: none content-length: 846 date: Tue, 28 Mar 2023 10:56:25 GMT age: 1974 last-modified: Sat, 25 Mar 2023 16:36:45 GMT content-type: application/json vary: Accept-Encoding cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22	35.241.9.150	200 OK	1.1 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (2387), with no line terminators Size 1.1 kB (1095 bytes) Hash b45613bc3a302f3a8fd799d7dfdc8612 2da7879a7aaff11994d87c6de92f3d8e0d100fe3 93ea6cb5df74ad398ff8f29658faa598607ec63731600c6bfec109e97ac1ec7d HTTP Headers `GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Content-Length, Backoff, Alert, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff via: 1.1 google content-encoding: br accept-ranges: none content-length: 1095 date: Tue, 28 Mar 2023 10:59:44 GMT age: 1775 last-modified: Fri, 24 Mar 2023 16:36:46 GMT content-type: application/json vary: Accept-Encoding cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22	35.241.9.150	200 OK	772 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (772), with no line terminators Size 772 B (772 bytes) Hash 1150fc438e642be5635e3234834367d9 a421eab9d39f0fefd6a1f2ecda9fc11ceddb646c 2b980c60a311dafdf93d9983c4ed8ac7dea9f7ff61329ffb1e1a24d0909f3d15 HTTP Headers `GET /v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 772 via: 1.1 google date: Tue, 28 Mar 2023 10:36:34 GMT age: 3165 last-modified: Thu, 23 Mar 2023 19:33:52 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22	35.241.9.150	200 OK	820 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (1506), with no line terminators Size 820 B (820 bytes) Hash cfe62903cbe729c8d0f605ce1d4236b3 944d19f55234f172489b7a2d3652e8e4892eb8b4 71738683aedf1c1f7f7a1e96c945cfb266b56968084354d4d7b67dd1782e9ebb HTTP Headers `GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff via: 1.1 google content-encoding: br accept-ranges: none content-length: 820 date: Tue, 28 Mar 2023 10:59:44 GMT age: 1775 last-modified: Thu, 23 Mar 2023 16:36:48 GMT content-type: application/json vary: Accept-Encoding cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22	35.241.9.150	200 OK	935 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (935), with no line terminators Size 935 B (935 bytes) Hash 9122f99473d982e0cf08d156d80fa431 0c58a6dc78b365762e6cce14075639d4b5e12b15 5a12e97c12a31b264b4ff70f17bf92ed19aff7cd04029d71d913a37593e3d600 HTTP Headers `GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Content-Length, Backoff, Alert, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 935 via: 1.1 google date: Tue, 28 Mar 2023 10:58:53 GMT age: 1826 last-modified: Thu, 23 Mar 2023 16:36:47 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22	35.241.9.150	200 OK	4.9 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (25354), with no line terminators Size 4.9 kB (4900 bytes) Hash d44aa4392412ef46639852817af0f2d4 c9a7391719c8005bbc6fc607560243e6b11e78b0 0fa311aea6a619fc6776e00643a2a39f360a0cdecea2a6c3214d98ea027c51c7 HTTP Headers `GET /v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Backoff, Retry-After, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff via: 1.1 google content-encoding: br accept-ranges: none content-length: 4900 date: Tue, 28 Mar 2023 10:58:03 GMT age: 1876 last-modified: Thu, 23 Mar 2023 16:36:43 GMT content-type: application/json vary: Accept-Encoding cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22	35.241.9.150	200 OK	2.3 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (6983), with no line terminators Size 2.3 kB (2262 bytes) Hash b4d3fee42064843f7583fa4cb4e2a0a1 7db187eafb379e4dbda90f94fea0162d0fac3238 a1be421e91e4ef902215cca9133e6ce665eece8bbec122b1be4aaaad57cd4190 HTTP Headers `GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Content-Length, Backoff, Alert, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff via: 1.1 google content-encoding: br accept-ranges: none content-length: 2262 date: Tue, 28 Mar 2023 10:56:36 GMT age: 1964 last-modified: Tue, 21 Mar 2023 16:36:44 GMT content-type: application/json vary: Accept-Encoding cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22	35.241.9.150	200 OK	860 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (1647), with no line terminators Size 860 B (860 bytes) Hash 5dbb7f3841def7dec15c02363b9cfc3f cf64076da6e5f5e0e7808b5ee5a24331d095afaf 9294669a2534fa7a40e306d038bf467c92109582d8d5a9dbfc43d824b71119fb HTTP Headers `GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff via: 1.1 google content-encoding: br accept-ranges: none content-length: 860 date: Tue, 28 Mar 2023 10:59:45 GMT age: 1775 last-modified: Tue, 21 Mar 2023 16:36:43 GMT content-type: application/json vary: Accept-Encoding cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10485 Expires: Tue, 28 Mar 2023 14:24:05 GMT Date: Tue, 28 Mar 2023 11:29:20 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10485 Expires: Tue, 28 Mar 2023 14:24:05 GMT Date: Tue, 28 Mar 2023 11:29:20 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10485 Expires: Tue, 28 Mar 2023 14:24:05 GMT Date: Tue, 28 Mar 2023 11:29:20 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10485 Expires: Tue, 28 Mar 2023 14:24:05 GMT Date: Tue, 28 Mar 2023 11:29:20 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg	34.120.237.76	200 OK	5.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.6 kB (5556 bytes) Hash c831201ad81f55c63c1b101ce854a810 0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5 c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5556 x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM69eHE3IAMF0Yw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: U1WnpJASpWxPY-8kq-3g3_dKqm5l6UqhA0xUYijO5FDLGAxI2mLthg== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 05:43:53 GMT age: 20727 etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd937575-8f71-4732-8bca-faaeed83b6a1.jpeg	34.120.237.76	200 OK	7.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd937575-8f71-4732-8bca-faaeed83b6a1.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.5 kB (7537 bytes) Hash 5fdd8a3f935830ca9e5ffdb5824acebc 39caaddec703fdad962d03fff8687bad2c1df4ad 6fe6301fb3610c3e8a9b62671579db53189bb62ead4cf5ab30a1f1e0b90b8ca2 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd937575-8f71-4732-8bca-faaeed83b6a1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7537 x-amzn-requestid: 4f7aaf6e-3eca-4033-aa21-27b5e7df6a0b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdbupFURIAMFlZw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220cc3-153c4e0b6b9d1b586c985f8d;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:38:11 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: 07sU32yK0Sqkqg_YzC_cfw3stDMOa2cViR6IrpHw5cfSEjUOHTITAA== via: 1.1 b6cdb2111444305bd4957a473b711ad6.cloudfront.net (CloudFront), 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 21:48:37 GMT age: 49243 etag: "39caaddec703fdad962d03fff8687bad2c1df4ad" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F178b294b-fb7e-4482-a48e-31bbcc320554.png	34.120.237.76	200 OK	20 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F178b294b-fb7e-4482-a48e-31bbcc320554.png IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 20 kB (20349 bytes) Hash b3e093e7b5c12cfc2aee601f823ea47e d76b3958471b2ed70a2b52f078ec638748fdb441 de4fc669195611c4ea6fe7d920482987aef077973b4973c01e2f362aeb18c2ea HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F178b294b-fb7e-4482-a48e-31bbcc320554.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 20349 x-amzn-requestid: 2de7d242-f277-42a6-9dc4-2fc98207a978 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdbumFzOIAMF3hA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220cc3-5f20ad7b2216219138f7b557;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:38:11 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: pnby7LhwZDWxJHtyWBlI7l_AO8l-tjjTVHatiCKG2htZ4RQNQOZkgQ== via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 21:48:21 GMT age: 49259 etag: "d76b3958471b2ed70a2b52f078ec638748fdb441" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10744 bytes) Hash ada29e049501b12a35b0bcc5f68e3e57 5c1ba9bffbcc9007e7f119dbb3197db34a12f8da b45583b5845129386a456e03fbdba25305c8d6d9fb5a8f01d783816ced080629 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10744 x-amzn-requestid: d693d820-7eed-47a3-9b0b-8f43c141bd3a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdbogF0poAMFTAg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220c9c-22ab350146e8a3a606f74c42;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: uCaEsILUx4u_fBJ7J9CgQanUW-BmV69mFvGRjZ0roFWluE_joVyVrA== via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 21:48:21 GMT age: 49259 etag: "5c1ba9bffbcc9007e7f119dbb3197db34a12f8da" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F858e946a-2e67-4e7b-b78f-763226855b6d.jpeg	34.120.237.76	200 OK	9.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F858e946a-2e67-4e7b-b78f-763226855b6d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.0 kB (8961 bytes) Hash 789f11978a1149984408fbbb9a2b3f81 078bd523107096bab5e26d42b18e316c253f1ca7 7974980290443b64126f512686261150cd27331cb7b32a96d1167a97d046e8a3 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F858e946a-2e67-4e7b-b78f-763226855b6d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8961 x-amzn-requestid: 9277e35d-8fe8-482e-b65c-b132dfcbd87e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdbqBGl0IAMFy4w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220ca6-7869936b33cbf3633c68e7ac;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:42 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: niXBcLXb34cBs5-FqU8flhIK5sZ_ykmhwnozGbLigHI3jwXySoF_xw== via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 21:49:49 GMT age: 49171 etag: "078bd523107096bab5e26d42b18e316c253f1ca7" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a92bb93-549b-40b7-9f16-d6514d1b45c9.jpeg	34.120.237.76	200 OK	6.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a92bb93-549b-40b7-9f16-d6514d1b45c9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.8 kB (6825 bytes) Hash 3a6fab95700d3078da8a155c46d93cc1 48d5958ae08550516e09a59b300152ea045fcd3b 27a9ca65b70143f0aec2e08329d9214bd42af7c759504a7f0de6d58ae8e50879 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a92bb93-549b-40b7-9f16-d6514d1b45c9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6825 x-amzn-requestid: 0aed4d72-c18f-4c36-b792-08d70562d70c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdcL9ELDoAMFYYg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220d7f-341a03f10e1cfa261f3755b9;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:41:19 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: a6FwDbXDiMjl3e73xgDecjeKP8Gn8PM6cXTOZX2ufxPAlOk_oS9h1A== via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 22:14:11 GMT etag: "48d5958ae08550516e09a59b300152ea045fcd3b" content-type: image/jpeg age: 47709 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (46)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type