firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 17:01:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EqzLSVxKyuVcQNGuW0-IPMQQMRF9zdRNPrZGOdsUhaM61RXvddjTIg==
Age: 1468
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3284
Expires: Mon, 05 Sep 2022 18:21:11 GMT
Date: Mon, 05 Sep 2022 17:26:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JnlnhbAfAiG4mwQ6PNapTCWbaoDyEtJKk4TnN2S4ksSt8e0CRGEzUQ==
age: 58270
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 17:26:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
google-presenteia.com/
302 Found 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Google Inc.
fortinet Phishing
GET / HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 05 Sep 2022 17:26:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.30
Location: ./gift
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYNzW0cMMAcKOylyz%2BfoM1T%2F4hEU3Dq0iTPp%2FKRLwUeqPdbMAPXYEqXnSHOr7zDl8G22trrYqzgkUWOblbdeRzpK1rHp2Dr4PyqwMa9DJi4Hf4eM6fYngqbgKgGuKLCTe96Ehf8Eez0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7460ab86296fb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift
301 Moved Permanently 354 B URL HTTP/1.1 google-presenteia.com/gift
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d3052aa019cd233e302708ae7912ccb6
f75a048fd81cb06046140524400601168e3487c1
89b0098ce73f5046e20d187c8cdaaed0ef77cab265fca5394404b4f601f45484
Analyzer Verdict Alert openphish Google Inc.
fortinet Phishing
GET /gift HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Sep 2022 17:26:28 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://google-presenteia.com/gift/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPlkMTLD5E0zLt%2BZOnrw3%2BwS2TYbTsMvg9QyU8kQl0HMUZhiTGPc2l58UIxHjSLMZG1bVsUhbvDj%2FM8Kl5Wmdixzccv8yIM0AnjmYpPllKZ7JpB5mleb0u%2FqFRawFCwhlvBPvn1Vpbo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7460ab890e54b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 05 Sep 2022 16:38:16 GMT
Cache-Control: max-age=3600
Expires: Mon, 05 Sep 2022 17:23:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ete4N2nXptAW0BZ5_cVqAlGR6bJl8L3mVJvpbD8FoKEAOb130uyyVg==
Age: 2892
ocsp.digicert.com/
200 OK 471 B IP
Hash b57a9dd04797bf34612c80361f1dffb3
56573166d8b9cd9b8dae19fd905e4f3293af306b
b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4077
Cache-Control: max-age=143293
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 17:26:28 GMT
Etag: "6315ae14-1d7"
Expires: Wed, 07 Sep 2022 09:14:41 GMT
Last-Modified: Mon, 05 Sep 2022 08:06:44 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xwSPyLg4XAdDc8iGagWBNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6o9XlcTBCsCbMFAzomfAph+gSTM=
google-presenteia.com/gift/
200 OK 5.3 kB URL HTTP/1.1 google-presenteia.com/gift/
IP
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (597), with CRLF line terminators
Hash 5e7ab96aa3e58f89bebb97cb775d3092
fc0449ef60e1ae0f5d7eb7de4a2ca8d8c4900782
af261838493d7ec75587c12de98f16931d66df6c4de9d6e989905d42b35f8aa1
Analyzer Verdict Alert openphish Google Inc.
fortinet Phishing
GET /gift/ HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.30
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCTswWfjCEngQfbkX8kn3mJTZpAhETcffPrqnhU5EMslVa4KRCi3QJCGRGBFvT7sh0ObmLZ29x3Y2SzRqFlLXb2Y%2BH4JWU5mSUwxVck0T6451NVNaeEDAMNeWSPVKZw8rKY70wEbw%2FA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7460ab8a7902b518-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/css/bundle_msft.css
200 OK 7.5 kB URL HTTP/1.1 google-presenteia.com/gift/css/bundle_msft.css
IP
File type assembler source, ASCII text, with very long lines (540), with CRLF line terminators
Hash abc9a390a0edaacfffaec22c298d350a
eed872a9f4f2a93f143df55dd7f3af3491cc6e88
fc123c02e74f9b4623aa8061a6c38b09de63a09d8bfc49028d68ef7c23f24ddc
Analyzer Verdict Alert openphish Google Inc.
GET /gift/css/bundle_msft.css HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:29 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 08 Sep 2018 20:39:50 GMT
ETag: W/"a58c-5756220239180"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9tkywMe6NRq1LM6O4J2ExS26wr4k5GMMSN1AtIY0cq6PockYldAhPbHpkyFd7Kfzkulw5JU55aLpX1QxMSNQW7RXdaH5sirhgMmStNRHDTq2l1LzQo9ujZD4iotnHNV%2BmkNJG9VVxM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab8c6b0c0b4d-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/js/backfix.min.js
200 OK 732 B URL HTTP/1.1 google-presenteia.com/gift/js/backfix.min.js
IP
File type ASCII text, with very long lines (1812)
Hash b0b8aa592fe237452f1ab03e2bb34793
29b60c59b6bfa128a091aad28b51b9eefcb5a5be
d28ca614d4cda5c154c9fd3bea55f1ef8c1dbd9feeceb8a8af8646ff43f4495a
Analyzer Verdict Alert openphish Google Inc.
fortinet Phishing
GET /gift/js/backfix.min.js HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 08 Sep 2018 22:30:56 GMT
ETag: W/"7ad-57563ad76a800"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hCdUfQeKjBnyYCh%2BPkD5tu8QtT%2BMF1CvPcjHP98bkjyQMruLnvgSr%2Bu9g7SV2bfKSjTmswiWsuN2dFjPE0FVrODV9kGEX7qG%2F3HSGlC1VOdjxIklFnfzeU8LC4MD4dNpMTCo6TF8Y4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab8edec1fac4-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/js/jquery.min.js
200 OK 30 kB URL HTTP/1.1 google-presenteia.com/gift/js/jquery.min.js
IP
File type ASCII text, with very long lines (32025)
Hash 72679831e1660b53a2d76d50c3d27aae
130d33bc861b4970b309a5ebff9bb6959fb37582
e44051bdb8d12ec7c4851ad400210fbb6c6dfba04fa202f3b2a9509e957ed548
Analyzer Verdict Alert openphish Google Inc.
fortinet Phishing
GET /gift/js/jquery.min.js HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 08 Sep 2018 20:40:22 GMT
ETag: W/"1499c-57562220bd980"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5MFkRX0YoUOtltyNzKdl1lP3hdJVN2T2VFG5cA0autqSwoh3MJvg%2Fo2S2y8Q4RaFNbUBbu4b%2FHVU5K9ywOvQjUSrJ8%2BuE2%2BtcC7qoY2fhnVT%2BMusPBzz0WakMMHVuNRYj2AfdA%2BuBQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab8c7f431c0e-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/js/bootstrap.min.js
200 OK 9.8 kB URL HTTP/1.1 google-presenteia.com/gift/js/bootstrap.min.js
IP
File type ASCII text, with very long lines (32033)
Hash 5001f34e4d6720378751012dedda52d6
d582a3fa4a2772626a934ade1489dc5e5f97a845
3cbb8f3723828476519f646eed5cd50a490f1cb1a03b9c2e92ad2a749c1dbf5a
Analyzer Verdict Alert openphish Google Inc.
fortinet Phishing
GET /gift/js/bootstrap.min.js HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 08 Sep 2018 21:01:24 GMT
ETag: W/"90b5-575626d447100"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWUwWnuEt%2Bxo7o%2BkbbYy04kpj8ep%2BJSK%2B9lokHqOaodnatnMTM%2FzwpMz4959uxBIkS0TwUtUWdDOg%2BjMg8tWV3Q5gk3H650iJH%2B7I4K7ohw1nUMZ%2FsI2PVsoOK4gTMzJwBpPlZyx1%2FY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab8ed8b4b518-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/js/bundle_za.js
200 OK 5.8 kB URL HTTP/1.1 google-presenteia.com/gift/js/bundle_za.js
IP
File type Unicode text, UTF-8 text, with very long lines (408), with CRLF, LF line terminators
Hash a6316402833c62e84768ca022211d7dd
c003c657be2225a6c3c2b9d6a5edb4de0bdd42ff
8bdce6bc96cf6a86608fec1dd082906faa3b7de20127927f5084e6453531c31c
Analyzer Verdict Alert openphish Google Inc.
fortinet Phishing
GET /gift/js/bundle_za.js HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 15:21:35 GMT
ETag: W/"5d77-5e79f2b48014a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMeXJ3RimKb0ju28FIWyBof%2B9aOxp6RU5ZHFyXrl3FMPqdsw8Jzlxxeql8TYOZD2LKQASXiIIk615gP6F0uIz1FbUZYHboMDXf1S6vxzxeJ9zxVvQS%2FsNoD4hfv%2BJWadcYZvfkS6YCQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab8edc940b02-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/css/bootstrap.min.css
200 OK 20 kB URL HTTP/1.1 google-presenteia.com/gift/css/bootstrap.min.css
IP
File type ASCII text, with very long lines (65371)
Hash f33528d6b5fef46497b27e2ebfd42c9d
a0e45684b4ac36e4de8d668966cef9f65ae36fea
c69994b60e92548c1a3fb42f62883fbfc12348db98e9e6e504be1f35035d104a
Analyzer Verdict Alert openphish Google Inc.
GET /gift/css/bootstrap.min.css HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:29 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 08 Sep 2018 20:39:40 GMT
ETag: W/"1da7e-575621f8afb00"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xx9SBGYwMiuDCxEKm6MCSc5sJgoW4qgD0nj5Gp6NO6aBApSvG%2B9lt4T9GDfBRjGIHkomu%2FHInflFUL9trXiMoLd2IXR%2FnIgCbtKVJCSbL%2Fq69AN1QZd07T1Odzb7Wpx6oNaM0h5zSCg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab8c7bb9b4ee-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2830
Expires: Mon, 05 Sep 2022 18:13:40 GMT
Date: Mon, 05 Sep 2022 17:26:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2830
Expires: Mon, 05 Sep 2022 18:13:40 GMT
Date: Mon, 05 Sep 2022 17:26:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2830
Expires: Mon, 05 Sep 2022 18:13:40 GMT
Date: Mon, 05 Sep 2022 17:26:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2830
Expires: Mon, 05 Sep 2022 18:13:40 GMT
Date: Mon, 05 Sep 2022 17:26:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2830
Expires: Mon, 05 Sep 2022 18:13:40 GMT
Date: Mon, 05 Sep 2022 17:26:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b438b1-ec2f-4d02-9da4-cca3c8bdf61b.jpeg
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b438b1-ec2f-4d02-9da4-cca3c8bdf61b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7877df05329f39350f4907a067f5840e
21f33eca6863c382c216c16799d1bea83e40fbd9
94b943383bbd05d11ac0f9c3672e315c9cfaa5cb2299c3779195f08491969fa8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b438b1-ec2f-4d02-9da4-cca3c8bdf61b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4260
x-amzn-requestid: 024510ab-0cb7-421e-805b-fa54501d1e99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpjFQGPVIAMFytQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d4bbb-4492cd20474c37337f8a5521;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 23:28:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Wk8myA4exuK32he7TlFoJtvtqHb0WcDhvSuo6-aN0dMcxIr7cDkU5Q==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:04:04 GMT
age: 69746
etag: "21f33eca6863c382c216c16799d1bea83e40fbd9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 290f6551c5ac539ea60810b135750f17
3633391a8dd87ef10fcb0d04d7b309738affc4a7
d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VgP7BDBmd5A5bAmRgO88geep419uZ0TQop4jEmRkx-q9rX4PUJZOCQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:16:55 GMT
age: 68975
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F074d7790-a0c5-48fe-9814-807d02b9ea17.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F074d7790-a0c5-48fe-9814-807d02b9ea17.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c0d77a2b715f8f2547f11cc5674432b
51ca3fc7e7048f035f79c4e425197bc618671b8c
34cad56ca82b17b5df4c010eecb2c7ea348faec15d33fa4b294c0ed46e2c5de8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F074d7790-a0c5-48fe-9814-807d02b9ea17.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8331
x-amzn-requestid: 53b40605-8cb6-4c36-931f-67be541289e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wigGtToAMFscw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7a9-645ce10e6bd850f84fcbf256;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: a0mNmWIp04fLKVgImJIc6CWErbhadUOhXG2XurGRbCgDgjSwz44p0w==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:10:33 GMT
age: 69357
etag: "51ca3fc7e7048f035f79c4e425197bc618671b8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30bf854fd3e27e2313a3d26fc43b9990
032acf1bfb0c8e2cbce8f2ff4d2964424b044951
7641be64dd25487edf4f845d1fbb0b07daa80fa8fb58863dd09081d9d169bd13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: de0e8998-4a52-4651-bcd6-3068c50193b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2Eq4oAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-15da44d87bf486cb1738fe18;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GuATNx2xnWnEl0cr_2ZWZo_jOWbHlSBYksIeHFDoHAK9o5Tf0PPliQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:03:29 GMT
etag: "032acf1bfb0c8e2cbce8f2ff4d2964424b044951"
content-type: image/jpeg
age: 69781
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5231760bb81282416f2bd27a4261099e
e3e743b349fd5cb399d4cef4a0877dcc8e2f44f9
e0762821086503aef75013b60a4e340d6fbf9b1006fc7f8b4e079440afce8c67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10770
x-amzn-requestid: c6d80cff-8d44-4589-bcf1-1f5a0ab199b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3GH4IAMF6KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-2628cc83263aeeb14ce444ef;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eEuQFQAkBAHlIYBRrvaJ1qjT09ezTNaL67wa77h1wS8fHc5oWi91aQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:45:28 GMT
age: 70862
etag: "e3e743b349fd5cb399d4cef4a0877dcc8e2f44f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XY2liZJvZjSSNT0u90GlCn3HGPxVaYO4xztkeALLJOTRRwruDELcvg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:48:06 GMT
age: 70704
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
google-presenteia.com/gift/img/g-i.png
200 OK 2.3 kB URL HTTP/1.1 google-presenteia.com/gift/img/g-i.png
IP
File type PNG image data, 50 x 36, 8-bit/color RGB, non-interlaced\012- data
Hash 636f34458b26e9a46ea6b733379e2e49
48646ed4b26b351dfc0c3ad866217c82506c879c
e2d18fe8813b196d46734cce88db814f573c192719a89bc0dc6acf53f1330481
Analyzer Verdict Alert openphish Google Inc.
GET /gift/img/g-i.png HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:30 GMT
Content-Type: image/png
Content-Length: 2336
Connection: keep-alive
Last-Modified: Sat, 08 Sep 2018 20:41:48 GMT
ETag: "920-57562272c1b00"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5c0rMCD4lytWXyK75NUUz0tH7NpX5qsDkqqs1mt4fNr%2Bq%2BawoJgIhXOIECBooTMOLJNcmOpZzYTfELjwl1KbhsQ%2B8dvkaZeyUn5PjulKrrXMqPdVEbFxJMbUPMOnUZPfrIyPbYHZ%2FI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab94c986b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/img/faceza2.jpg
200 OK 2.4 kB URL HTTP/1.1 google-presenteia.com/gift/img/faceza2.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 50x50, components 3\012- data
Hash a3a2952feb11720fc4095e4d1f8c336d
d5ec2d24b4c736dc4be256fbfaddafd205607eb6
3a9c9748ad159d7befecba6627a2b3a29e967d0124321c99c923cbfc99beaffa
Analyzer Verdict Alert openphish Google Inc.
GET /gift/img/faceza2.jpg HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:30 GMT
Content-Type: image/jpeg
Content-Length: 2379
Connection: keep-alive
Last-Modified: Sat, 08 Sep 2018 21:00:24 GMT
ETag: "94b-5756269b0ea00"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2Fjq0v1wDmqvQR8DZGp8pgyfAxQAVbFQ45vI8L3OJN221BIlBhfkK30MRBoFXP%2B4C8XSz7e%2BkBZbO0jnO3sc3mGJXjrPKRs8ZBHkKRApVEegHqf3Uzro9rdb%2B0gr8xrM2EghV80Lk1o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab94c892b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/img/faceza5.jpg
200 OK 2.6 kB URL HTTP/1.1 google-presenteia.com/gift/img/faceza5.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 50x50, components 3\012- data
Hash 3c16e32e21008b3bd5a32e359ec331e5
7710b328ead1041fda7d79ee83515260cb0fe1fb
fb3f89ef74b16ca9d9e23d237b8ee7c7f008646ddf3d18087d6f7f12208e3465
Analyzer Verdict Alert openphish Google Inc.
GET /gift/img/faceza5.jpg HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:30 GMT
Content-Type: image/jpeg
Content-Length: 2630
Connection: keep-alive
Last-Modified: Sat, 08 Sep 2018 21:00:30 GMT
ETag: "a46-575626a0c7780"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQGV1pQN4AGgWPyO2qEYtpaX6OCd3GECbd7phWU21PHD9DxkF6T4y%2BQtbIckiJY6TqJiT9nCupYfWrSj9BAINnaQ7XKjck0AajmVRz2aqUmvVRA0fzDAYFknIX5SauvSRYXfCtib8Hs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab94cccc0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/img/faceza6.jpg
200 OK 2.6 kB URL HTTP/1.1 google-presenteia.com/gift/img/faceza6.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 50x50, components 3\012- data
Hash 448a17f4596710d6db4bf30dfae04a11
bd85b3f8f454b32357005d33f95cc1a038abcfe2
e8222b285dd34a9dcac05e0dffa56803bbd8e6d6464226aa2366e9746b4544e5
Analyzer Verdict Alert openphish Google Inc.
GET /gift/img/faceza6.jpg HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:30 GMT
Content-Type: image/jpeg
Content-Length: 2577
Connection: keep-alive
Last-Modified: Sat, 08 Sep 2018 21:00:30 GMT
ETag: "a11-575626a0c7780"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfE0HTKvRBTz2FVhGPETFu3E4WR1JQEawQo3pIsyaqQhjOrr%2B2340UIEdvV9OLW1gehaYT4q3%2FeUsDeiSdsCwrRIS%2Fkp0MetETyJQUkefXlyOz4DxMgR%2F%2BWx1Mz7uV%2FZbpoUlRmbb%2Bw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab94cf661c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/img/google-line.png
200 OK 243 B URL HTTP/1.1 google-presenteia.com/gift/img/google-line.png
IP
File type PNG image data, 208 x 6, 8-bit colormap, non-interlaced\012- data
Hash 66294ac321d6ea56fb67cfb8a2d84811
cafdd9a1cb780c655b9e93719b19df05ca6dc348
15350ca6280874ef4ebecc5b346b6e2edd2c06ed209c39782dcd87b5550fac50
Analyzer Verdict Alert openphish Google Inc.
GET /gift/img/google-line.png HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:30 GMT
Content-Type: image/png
Content-Length: 243
Connection: keep-alive
Last-Modified: Sat, 08 Sep 2018 21:01:12 GMT
ETag: "f3-575626c8d5600"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b59Nf7eKy3BxASbgPQk5awAz4yLg5EKmiHZ%2BSFKwqmWI2R7Iug8XL2LlnBfIdqE3X5ap1M444pu6ViRxk9%2F%2BL%2Bd%2BvM%2FlaC5UjzzU532kjBbnOngYF3Ni7ZwV178baAcIyD62dvSIEmg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab94cc12fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/img/1497187487_s8.png
200 OK 8.2 kB URL HTTP/1.1 google-presenteia.com/gift/img/1497187487_s8.png
IP
File type PNG image data, 147 x 148, 8-bit colormap, non-interlaced\012- data
Hash fd2e863fe58b92dd3059da2bfebaf864
472defc8d8973900d806d2a58942a37b3ee7e872
1342e72ffc260207db3a79391cd28225957fb54be295f51eb00e9343a848e432
Analyzer Verdict Alert openphish Google Inc.
GET /gift/img/1497187487_s8.png HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:30 GMT
Content-Type: image/png
Content-Length: 8243
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 02:49:59 GMT
ETag: "2033-5e71bf84c641f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xV6%2FIONJjJ%2FxXJi1qCYKGWazclEjtDyZ9vclunq%2BD8TKxl10HJ4%2FDNI9VCnfcmM0kpeyY05PVrF%2Fopw7hKU5F33OJgL8yIQTLQqkGiv0MwdRwCelButhl1dLX%2Fs4MUTx%2B0VyKb%2F9OvA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab94cb9e0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/img/faceza1.jpg
200 OK 2.3 kB URL HTTP/1.1 google-presenteia.com/gift/img/faceza1.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 50x50, components 3\012- data
Hash 65f5f9a5691c24f8902f320f29260c14
44ff9aa6e4cb794ae25f80504d8e880ca1d3e199
45365a9b9c62189f81baec475b1d4b356ba3ef61e75cbac63f28433c32b1bab3
Analyzer Verdict Alert openphish Google Inc.
GET /gift/img/faceza1.jpg HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:30 GMT
Content-Type: image/jpeg
Content-Length: 2333
Connection: keep-alive
Last-Modified: Sat, 08 Sep 2018 20:59:56 GMT
ETag: "91d-575626805ab00"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRCGBwk6zmrb9JNc5XllE5PXNhYG%2BIYaxkbjITD5EMqV%2F6BpXKJNS1pCkMnhDWH6WCgxxss1BRv5usLewZjtROfr0s1pPVY%2FPP7YgqUMl%2B%2FgMANNkRZSB115EMYKI0VJedSbw1YNB2s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab978e37b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/img/rta.gif
200 OK 1.9 kB URL HTTP/1.1 google-presenteia.com/gift/img/rta.gif
IP
File type GIF image data, version 87a, 88 x 31\012- data
Hash 3c0823e492d6d5feb2e784edbb5bed12
2841f3ffbe0ef4e317e05828392323783c810c90
4551bbe65d5fcbbae3d3435e661eb53c0695d7341704ca27d66a9d7f95de08c5
Analyzer Verdict Alert openphish Google Inc.
GET /gift/img/rta.gif HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:30 GMT
Content-Type: image/gif
Content-Length: 1874
Connection: keep-alive
Last-Modified: Sat, 08 Sep 2018 21:05:02 GMT
ETag: "752-575627a42db80"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2F7XlwSOi5XlAvB1zuktws0QVdca2d8fxStYt8IgB42EyfpEJMkusJarfylZLWIJWui80YvbkWr%2BIqgjJ5o%2B4a40aFqJvmcGNnOUprwLnOfKnM%2BqcDPgODuhLtJa1ChGsV2uuCoxuNg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab979e79fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/blank.html
404 Not Found 800 B URL HTTP/1.1 google-presenteia.com/gift/blank.html
IP
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0e64ea7435748320a3a836bd7024b8d2
c5ebcd91e8810d0eda1dbae7837e281bb5e455cc
22c2a2bf19e31151229b42b918c03848591222eb7e1d1207198302bfee8c5413
Analyzer Verdict Alert openphish Google Inc.
fortinet Phishing
GET /gift/blank.html HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Mon, 05 Sep 2022 17:26:30 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: accept-language,accept-charset
Content-Language: en
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iP7UBgja3TB3PPVaYhG2waS1xykOrfww6vmrPBs54SisOdlw%2BdCJvVM%2BnehhkTkFQ07aP%2BmgsF3bKruhMpaSLfHqVbQ7Hx6KGQlnKOmKxm0hBXoVXPJNCLWfPcTN6y06LMSb51NUYtk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7460ab978cb7b4ee-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/img/g-m.png
200 OK 2.2 kB URL HTTP/1.1 google-presenteia.com/gift/img/g-m.png
IP
File type PNG image data, 130 x 48, 8-bit colormap, non-interlaced\012- data
Hash a1de2d30f596cd19e74a2e36bd15c0d1
9a2a47d8b2c7351be855ac9e2493719f63a70c19
f619bb460b8559e9373e59f2d44bd7ed920e6b2274fe4b37db990dfea79e1d8c
Analyzer Verdict Alert openphish Google Inc.
GET /gift/img/g-m.png HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:30 GMT
Content-Type: image/png
Content-Length: 2213
Connection: keep-alive
Last-Modified: Sat, 08 Sep 2018 20:41:32 GMT
ETag: "8a5-575622637f700"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7iOaZ20VGWKNvSRx%2B3knxxsewsxn5f%2Fh8lB0jteQLswaD1coPq%2BshO42pvclsi5kz%2BXuprRgcxfekR%2FvnTmXlgmRe1t2YF%2FxmIJtqlZqFWR8kZKFzyiTfkFEPFJ8TS4e2UkQljrVB8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab979a8d1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 655 B URL HTTP/1.1 google-presenteia.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
Analyzer Verdict Alert openphish Google Inc.
fortinet Phishing
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/blank.html
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 13:16:51 GMT
ETag: W/"630f5f43-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGtkJj0x%2FGxJCSJapX987U%2F5nj%2BooOVmun8Q9Y9PCqR93oCPzDNe9DPKTPSFxNKsboPxnYOg12htzLX%2BXJIl6wIXJiBAOChic301EHmiiSeFvl6gAL2CMFHLPrVcGc2lrCKujecB5WM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab9a8e4a1c0e-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Wed, 07 Sep 2022 17:26:30 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
google-presenteia.com/gift/sound/WinTone.mp3
206 Partial Content 11 kB URL HTTP/1.1 google-presenteia.com/gift/sound/WinTone.mp3
IP
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo\012- data
Hash 0d787daf5d60f11016a8cb2e08fa4b54
fa2df35c9dc22154cad027115d43fc6ea04df54d
e0a02a946b04f2bfae9d4fbf26256e3cd6bd54036e05e9419055acd024f65265
Analyzer Verdict Alert openphish Google Inc.
fortinet Phishing
GET /gift/sound/WinTone.mp3 HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 206 Partial Content
Date: Mon, 05 Sep 2022 17:26:30 GMT
Content-Type: audio/mpeg
Content-Length: 11392
Connection: keep-alive
Last-Modified: Sat, 08 Sep 2018 20:41:06 GMT
ETag: "2c80-5756224ab3c80"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Content-Range: bytes 0-11391/11392
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAHHLTd4ZO4rEYpn5B06JLGAjOzDoQJT6dy4qIo7XR5%2FIPPtkn7Aeoqos6icwgQ0sL7JQ2JLp%2F7o5v4vazMsIHeEVXI6j8VHHXqHcyeZ7t2pNpdDAGbe1PsWTAjYEUkfB7%2FwMOgkd9U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7460ab9788560b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/img/faceza3.jpg
200 OK 2.8 kB URL HTTP/1.1 google-presenteia.com/gift/img/faceza3.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 50x50, components 3\012- data
Hash d41de77387415d78b48b141cffe837e9
b7efc02928d3c4fb3afdf5c3c0984519804d2b8c
0ec40e5bd1b7c6e319ee1f1ffae8cd966a5177b0d377b84225f657290c552330
Analyzer Verdict Alert openphish Google Inc.
GET /gift/img/faceza3.jpg HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:30 GMT
Content-Type: image/jpeg
Content-Length: 2830
Connection: keep-alive
Last-Modified: Sat, 08 Sep 2018 21:00:28 GMT
ETag: "b0e-5756269edf300"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xo7H3twxFz0HDcQ45jf2BE42XU%2FV%2FY7%2FcdiqrMeKYoePUd17LnhWFxFXzC3B5jM%2BLajyBy1WeeVVXThA5d9xMeSor%2FokF0V93AO%2FON2FVgJbvB%2B3SwX6uGCIQMVydrT0ipg2PX0nxmo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab98f8ae0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/img/faceza4.jpg
200 OK 2.5 kB URL HTTP/1.1 google-presenteia.com/gift/img/faceza4.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 50x50, components 3\012- data
Hash 1c75d00b5f5234fc8f7f9d6dffe8db18
fece14deb4488cc37357a8a527db6636bd8955be
cd146c909327c3a3274b549541847491f738d8cfd3c1a1b86dab8e37a96694da
Analyzer Verdict Alert openphish Google Inc.
GET /gift/img/faceza4.jpg HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:30 GMT
Content-Type: image/jpeg
Content-Length: 2527
Connection: keep-alive
Last-Modified: Sat, 08 Sep 2018 21:00:28 GMT
ETag: "9df-5756269edf300"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fs%2BSmtvi1aynl8%2F0IhAc7At0VkcZ0tyZMoOcXvVzOyKXB9913xqZkSv4cnMRrH01T9K9TXWP2mKdkRPKUMeiuYfp7Ypd19SFhaRVIHs%2B8N7TLv462DHnkq6wrH9VlYGnpX28u5zxdg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab98f86eb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3df811ac19fde08f49ef246c29cef161
e1c8d54b357adaf32e80427028cc884fa35959e0
e2749178e0bf0c4045a96388a58029ddd92d13a866021737864cd68e11317292
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 17:26:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/images/branding/product/ico/googleg_lodp.ico
200 OK 1.5 kB URL HTTP/2 www.google.com/images/branding/product/ico/googleg_lodp.ico
IP
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 3c7dcf00b5ddece397782818b2cf9d74
fbf7d59857a3ca4d6c94f0819b58a191d76e7db2
08d60d0844bc4457bc7badb32545ad3a3d037d941c8d5f7d0de6aad1517b15a5
GET /images/branding/product/ico/googleg_lodp.ico HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://google-presenteia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: image/x-icon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1494
date: Mon, 05 Sep 2022 17:26:31 GMT
expires: Mon, 05 Sep 2022 17:26:31 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 420a6ffc72857f7132a9065de7c844a9
dee617384561d0790b72f096336b73ade7950579
c98bdc53f1f22291c4b954e9bd5f6432cfe3d5b24e3680b4ada3fc3a696e79d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 17:26:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
google-presenteia.com/gift/img/iphonex.png
200 OK 12 kB URL HTTP/1.1 google-presenteia.com/gift/img/iphonex.png
IP
File type PNG image data, 147 x 140, 8-bit/color RGBA, non-interlaced\012- data
Hash 4787fefdc08c0928f7a01483237ca490
a62918d7fe3f0a336643f0a13d39415154e54892
2db109d93f49da39243bad201a507a0d47bc1922b7b7c2f5996631cad738e602
Analyzer Verdict Alert openphish Google Inc.
GET /gift/img/iphonex.png HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:31 GMT
Content-Type: image/png
Content-Length: 12427
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 02:42:48 GMT
ETag: "308b-5e71bde9a2b09"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgdYYxKRG9%2BHhVimslJH%2B5U0C6Z35bv9Uut2e8SUWsLAKI8z9RYcWVIVmlk5q1WbgVutTxJT0RpAn%2F0PwyIuy5XrFt1unDVnKVG5BTwlZuGp3V8hvx5rYSRZJHI7efLQWQacyWXs10Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab9a6959b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/img/1497184421_ipad.png
200 OK 6.8 kB URL HTTP/1.1 google-presenteia.com/gift/img/1497184421_ipad.png
IP
File type PNG image data, 140 x 143, 8-bit colormap, non-interlaced\012- data
Hash f71cae10f07abe4d0e26dec7d1b4456e
ec85aae8141b4160ea7652bc7c812b10fa1cf0f9
18f7e49616b64db4635fae74c12b8f1840b034f7b09b42f8ea43a43fa5e850a5
Analyzer Verdict Alert openphish Google Inc.
GET /gift/img/1497184421_ipad.png HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 17:26:31 GMT
Content-Type: image/png
Content-Length: 6801
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 02:46:37 GMT
ETag: "1a91-5e71bec408be7"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFCM%2BWCZ5Kn2sSSTbkQ8zy5YH%2Bg6F0knJ8mUrQUwymLBC0h%2BtKxKrIoqfCw4OG%2FPLPQzo9s5bpVHW5jcSlm0H2QpLUWzq9YZyAfLaPCGxrwpXrBZwx48NsH1iqSEJ2l3fXWcFwDVl14%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7460ab9a58c3fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-presenteia.com/gift/blank.html?HistoryLoad
404 Not Found 800 B URL HTTP/1.1 google-presenteia.com/gift/blank.html?HistoryLoad
IP
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 42c6541264606a2d14adc51de3d0e6be
aea20aa7b9229fc811b39db6747b7febbd000e42
8f3cf11f163b91dfeffece8798900fe39c57a8cd77d02b1f8e8c001fee6024e5
Analyzer Verdict Alert openphish Google Inc.
fortinet Phishing
GET /gift/blank.html?HistoryLoad HTTP/1.1
Host: google-presenteia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://google-presenteia.com/gift/
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Mon, 05 Sep 2022 17:26:31 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: accept-language,accept-charset
Content-Language: en
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=of44yjH2eBq%2F7AmsrvM%2FOAjAQdAWGygNK36cvD6b2lnyMainzDHazE2JAms7p4fh8uJ%2BPFjwe737rGCzgSsOXRIMo%2FYVS%2BlweGh0yk7V3ofsuxsB4RgUZy5sO20wjBVTC2Hjz0%2B6vQw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7460ab9f0c371c0e-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
188.114.96.1
54.186.209.73
23.36.77.32
93.184.220.29