Report - monworkpage-isafelock.firebaseapp.com/

Report Overview

Submitted URL
monworkpage-isafelock.firebaseapp.com/
IP
199.36.158.100
ASN
#54113 FASTLY
Submitted
2023-04-04 00:54:34
Access
public
Website Title
Final URL
Tags
suspicious
urlquery detections
Suspicious - Suspicious JS code

Detections

urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-04-04T18:15:20Z	485 B	167 kB	142.250.74.35
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-04-04T18:25:02Z	472 B	16 kB	216.58.207.227
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-04-04T18:13:50Z	333 B	391 B	34.117.237.239
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-04-04T22:35:31Z	455 B	1.9 kB	142.250.74.106
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-04-04T18:19:16Z	606 B	127 B	54.187.102.159
monworkpage-isafelock.firebaseapp.com	unknown	2022-11-16T14:25:56Z	2023-04-03T05:44:45Z	836 B	1.8 kB	199.36.158.100
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-04-04T18:12:09Z	2.0 kB	5.3 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-04-04T18:13:55Z	782 B	2.4 kB	35.241.9.150
www.google.com	7	2015-05-10T13:11:19Z	2023-04-04T21:32:30Z	462 B	1.1 kB	142.250.74.4
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-04-04T18:12:04Z	395 B	29 kB	31.13.72.12
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-04-04T18:20:05Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-04-04T18:12:04Z	1.7 kB	3.5 kB	142.250.74.131
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-04-04T23:17:38Z	1.7 kB	3.8 kB	192.229.221.95
ibank.nbg.gr	444225	2013-05-22T08:51:16Z	2023-03-31T15:09:04Z	1.4 kB	30 kB	95.101.10.177
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	642 B	349 B	157.240.221.35
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-04-04T13:13:40Z	3.2 kB	57 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-04-02	medium	monworkpage-isafelock.firebaseapp.com/	National Bank of Greece
2023-04-02	medium	monworkpage-isafelock.firebaseapp.com/	National Bank of Greece

PhishTank

Scan Date	Severity	Indicator	Alert
2022-11-16	medium	monworkpage-isafelock.firebaseapp.com/	Other
2022-11-16	medium	monworkpage-isafelock.firebaseapp.com/	Other

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-04-04	medium	monworkpage-isafelock.firebaseapp.com/	Phishing
2023-04-04	medium	monworkpage-isafelock.firebaseapp.com/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-04-04	medium	monworkpage-isafelock.firebaseapp.com	Sinkholed
2023-04-04	medium	monworkpage-isafelock.firebaseapp.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	monworkpage-isafelock.firebaseapp.com/main-es2015.b4b71ab398567edc57ba.js	1.0 MB	2023-03-09	2023-11-28
Pretty URL monworkpage-isafelock.firebaseapp.com/main-es2015.b4b71ab398567edc57ba.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:47:01 Last Seen2023-11-28 15:05:38 Times Seen37 Hash 1b556a6a74867474321f10ea7b88327c 65e6b67572502545cfe6bbb0ac4b2c766b63b052 a463c0edb47766ff6bbef8796c7e8210915f68ac7108a04d8ab13f41bd3c8f30 Loading...

	connect.facebook.net/signals/config/669086076924105?v=2.9.100&r=stable	154 kB	2023-03-13	2023-04-24
Pretty URL connect.facebook.net/signals/config/669086076924105?v=2.9.100&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:34:09 Last Seen2023-04-24 20:31:01 Times Seen12 Hash c6851b5d9ef842c782dd39a1c50554b6 41fad8a7a52d8625d195d02f675676221115d3ae 32f98085e25188e38370b54433f756a26ecaf4a2e4c2a299556e0aa802ce0a00 Loading...

	connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.100	74 kB	2023-03-12	2024-04-20
Pretty URL connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.100 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:01:49 Last Seen2024-04-20 17:48:03 Times Seen983 Hash 19cd6e47a2804b5793d5ea070fcd8ca3 be3ae77ec133b1d125b803fbb12b3ab2adfe11fc 5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a Loading...

	monworkpage-isafelock.firebaseapp.com/	735 B	2023-03-09	2023-04-05
Pretty URL monworkpage-isafelock.firebaseapp.com/ IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:49:47 Last Seen2023-04-05 01:35:26 Times Seen5 Hash e31b47b16d9142600d50ac00a6e396ca cb9e75cec98232c11a2932a361969bfafc938765 a514bc69abcb0c14c3c6453f2e52961f52bc21cff3a93c74e93688e1deb615b2 Loading...

	monworkpage-isafelock.firebaseapp.com/runtime-es2015.0dae8cbc97194c7caed4.js	1.5 kB	2023-03-07	2024-07-24
Pretty URL monworkpage-isafelock.firebaseapp.com/runtime-es2015.0dae8cbc97194c7caed4.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:11 Last Seen2024-07-24 23:02:54 Times Seen974 Hash 1244d3f2f28ecc6619157927aca95200 a9aafcf49f49145093fc831efd9b8e2f6c71bb9c 6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8 Loading...

	monworkpage-isafelock.firebaseapp.com/polyfills-es2015.09ee2f719bd21ab5c7b1.js	37 kB	2023-03-07	2024-07-22
Pretty URL monworkpage-isafelock.firebaseapp.com/polyfills-es2015.09ee2f719bd21ab5c7b1.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:05 Last Seen2024-07-22 05:24:30 Times Seen116 Hash c13545a4366187eaeb662de603fb44f9 72ad4ccc0a3916ae4598199447cdeadd6d380570 3cff92ecbf327e17b4ae0069b7f20b79ee5c593ad5754d6856b81471e71d05a8 Loading...

	www.google.com/recaptcha/api.js?render=6LevQnsbAAAAAP9o476yPZoKfP84R6g9SlfdyQ_p&onload=ng2recaptchaloaded	945 B	2023-04-02	2023-04-05
Pretty URL www.google.com/recaptcha/api.js?render=6LevQnsbAAAAAP9o476yPZoKfP84R6g9SlfdyQ_p&onload=ng2recaptchaloaded IP 142.250.74.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-02 21:33:12 Last Seen2023-04-05 01:35:26 Times Seen2 Hash 35ff19349abda6c5f75c5f45ab05f03d f484c36ce756e08e6f1d3f65f0502ef2a07a4877 eec0998bff3ee1b9551cfe51d087157b0c11fb9ddad9239f5fcff8163e654c37 Loading...

	connect.facebook.net/en_US/fbevents.js	110 kB	2023-03-29	2024-01-01
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:21:14 Last Seen2024-01-01 20:32:51 Times Seen5908 Hash 16a85e90ff4a7f49fb83743f7e338b4f c6ef02e6771407f89b4eb7efccf9efc08b4ca242 dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849 Loading...

	unknown	0 B	2023-03-07	2024-07-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-07-27 03:32:11 Times Seen41184133 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js	417 kB	2023-04-01	2023-04-19
Pretty URL www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:08:43 Last Seen2023-04-19 20:28:33 Times Seen4222 Hash d0341e93b2348180631183ce43097c5d 74229ffec024c2df2138b558f3771ced36845013 db20e355eec38641464097836c909673eebdadf82ace277df50847eea9e060b8 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LevQnsbAAAAAP9o476yPZoKfP84R6g9SlfdyQ_p&co=aHR0cHM6Ly9tb253b3JrcGFnZS1pc2FmZWxvY2suZmlyZWJhc2VhcHAuY29tOjQ0Mw..&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=ylowomk894ah	315 B	2023-03-07	2023-04-05
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LevQnsbAAAAAP9o476yPZoKfP84R6g9SlfdyQ_p&co=aHR0cHM6Ly9tb253b3JrcGFnZS1pc2FmZWxvY2suZmlyZWJhc2VhcHAuY29tOjQ0Mw..&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=ylowomk894ah IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:35 Last Seen2023-04-05 02:11:13 Times Seen249 Hash 312a2a397ac7ddf5a927eebe419d7df2 2a35fbcb23a052f9ec3f0621c2e8f69959a16fff 014d324c605331878f1b40bfccc4d6c5fa9af407ef5331491a34fdd68e768273 Loading...

	monworkpage-isafelock.firebaseapp.com/	772 B	2023-03-09	2023-04-05
Pretty URL monworkpage-isafelock.firebaseapp.com/ IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:49:48 Last Seen2023-04-05 01:35:26 Times Seen5 Hash fa315aa526c551565979aca33aacb4f7 bb172fef2888666eef906cf8d3afa782880d28ed 49a2108eab43eb26dd699134ac37984b9ff8eb57f1ccbcece6f881bad91ba45b Loading...

HTTP Transactions (38)

URL IP Response Size

monworkpage-isafelock.firebaseapp.com/

199.36.158.100

301 Moved Permanently

0 B

URL HTTP/1.1
monworkpage-isafelock.firebaseapp.com/
IP
199.36.158.100:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	National Bank of Greece
phishtank	Other
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: monworkpage-isafelock.firebaseapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://monworkpage-isafelock.firebaseapp.com/
Accept-Ranges: bytes
Date: Tue, 04 Apr 2023 00:54:23 GMT
X-Served-By: cache-bma1674-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1680569663.487256,VS0,VE0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1965860f5630f7dda817a236cb72ea24
beec8147d48911a007287014564ce544d296a5fd
00b4aafe530f6ceb3d6d4de42fffdaee0cb4e0a60834c85b1d21e42e5db2ef91

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00B4AAFE530F6CEB3D6D4DE42FFFDAEE0CB4E0A60834C85B1D21E42E5DB2EF91"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12686
Expires: Tue, 04 Apr 2023 04:25:49 GMT
Date: Tue, 04 Apr 2023 00:54:23 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c17f530e6db706fa5f9eb36a6cca4a4
446b60a425aae47b0adf5abd7e18e9f90f52c0bc
ccf1a90e945a18fb951654d29f128acdb3916d4dca315b0fad44ae8cc95be48e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCF1A90E945A18FB951654D29F128ACDB3916D4DCA315B0FAD44AE8CC95BE48E"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8456
Expires: Tue, 04 Apr 2023 03:15:19 GMT
Date: Tue, 04 Apr 2023 00:54:23 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
29fdbcd53b5646cfcdd46510063734c4
85e3ceda5ef130219f4fe8a31e52e2690c8f7d8e
24c27586332c016685e6231fec5836e921048d8aaefbcd4cd6f88969f9d91e18

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 04 Apr 2023 00:28:42 GMT
content-type: application/json
age: 1541
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
903ed2d58f1f33d069b70c4b53f1cb1f
0ef89cd6eb79a2ddd74434f9233cf486fffc1142
d8c984b50f04fcdb1ebc99d982502d85193302c85239ee7497666247edfc0061

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8C984B50F04FCDB1EBC99D982502D85193302C85239EE7497666247EDFC0061"
Last-Modified: Sun, 02 Apr 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3449
Expires: Tue, 04 Apr 2023 01:51:52 GMT
Date: Tue, 04 Apr 2023 00:54:23 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
95f61d351f5fc9533cc78e255ce9bc06
fba284117f347782ac23c51d141d7e3ec15a867e
7fcc5f9e52e389d8d7c6df7f1f2a1291ae0aaae8e554f3022239ab092b2ef3c3

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: gbbgdh4PLv/5ZSpNt5LxJ8ZayKdQMC3xbLlNgx1BJxEkQqIN4NwgXdGOyZhGvpmJQazA+7fr22s=
x-amz-request-id: KTJF6R4ZNKAPXVSK
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Apr 2023 00:52:57 GMT
age: 86
last-modified: Fri, 31 Mar 2023 17:04:39 GMT
etag: "95f61d351f5fc9533cc78e255ce9bc06"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 00:54:23 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

monworkpage-isafelock.firebaseapp.com/

199.36.158.100

200 OK

777 B

URL HTTP/2
monworkpage-isafelock.firebaseapp.com/
IP
199.36.158.100:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (455)
Size
777 B (777 bytes)
Hash
23bff4e7da7478ed5ca2cbdd0851363f
236e4d8bff7b348af68dde2107fde2882d533f85
f610fef794a424669e810922edb6a079583ad526799a86dd8c26eafc86da6540

Detections

Analyzer	Verdict	Alert
openphish	National Bank of Greece
phishtank	Other
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: monworkpage-isafelock.firebaseapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "5906ee2e493bf5e490daa8bacbfc18c8fe4b6d4f069bc50e361d8fd051a93aba-br"
last-modified: Sun, 21 Aug 2022 05:59:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 04 Apr 2023 00:54:24 GMT
x-served-by: cache-bma1662-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680569664.849019,VS0,VE367
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 777
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4int/wC3FyxDkjtQ

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4int/wC3FyxDkjtQ
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8bc6104456a4c7f3fc63a0821396a631
982fee9636d7d0d077769c548378e229e81824d7
df9bd4f4a165ed4bf7655a98cfc58d5a72748997677caf321c6036e37bdbadb4

HTTP Headers

POST /s/gts1d4int/wC3FyxDkjtQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 00:54:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a4e63ad4a4c68269ab2144a7eba16b3
077d9d18481cca0a72c5daca41e9e7bbe21fdb1a
2723d135b26dc00409018c7e347017e6896c61077ad93df7144e7f9be3a448e5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2723D135B26DC00409018C7E347017E6896C61077AD93DF7144E7F9BE3A448E5"
Last-Modified: Mon, 03 Apr 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12762
Expires: Tue, 04 Apr 2023 04:27:06 GMT
Date: Tue, 04 Apr 2023 00:54:24 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30735a8260b9c875d42add2d33a9a6c0
ea1076f012420c6d3ae054f07a6948352c96a598
995b7ad71da6aa8933947de9bd441a5c4a366e143864ad4fc5a9af3c6f193aca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 00:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, ETag, Cache-Control, Retry-After, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 04 Apr 2023 00:14:44 GMT
age: 2380
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap

142.250.74.106

200 OK

1.3 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.3 kB (1301 bytes)
Hash
98e67003404dfdcec0591d05f82d9f42
86f2f1db747803f972b96709112b76a23815195e
95c593e4fe79848e1807df970c0400176156a2b0e75fa8080469bf14eff9dc80

HTTP Headers

GET /css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monworkpage-isafelock.firebaseapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Apr 2023 00:54:24 GMT
date: Tue, 04 Apr 2023 00:54:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.187.102.159

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.187.102.159:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Qi27M73WhzpGsX2QKHtB+w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hTxnEqhkb6vFDeY/y/P3PndEhcw=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3e18ab4ca97f7339957b43db660cfd1a
762deec33262d66e27a74faa8e4c894f56204559
492dc3540f5c32f203158d75df28bf7da92b30f650307d6756ad11a44126752a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 00:54:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?render=6LevQnsbAAAAAP9o476yPZoKfP84R6g9SlfdyQ_p&onload=ng2recaptchaloaded

142.250.74.4

200 OK

609 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6LevQnsbAAAAAP9o476yPZoKfP84R6g9SlfdyQ_p&onload=ng2recaptchaloaded
IP
142.250.74.4:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (945), with no line terminators
Size
609 B (609 bytes)
Hash
ddcc9a7d69023e4bd8e2aed1087fa28f
f5687ab0b192cbe65faa7d581c101d2a45fb80a2
da179944f5fc7370466e23cf659db518b304d4a7d59b5082eef897046a1144e0

HTTP Headers

GET /recaptcha/api.js?render=6LevQnsbAAAAAP9o476yPZoKfP84R6g9SlfdyQ_p&onload=ng2recaptchaloaded HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monworkpage-isafelock.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Tue, 04 Apr 2023 00:54:25 GMT
date: Tue, 04 Apr 2023 00:54:25 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 609
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c818478c2144e8b66cca05b1250e2f84
87a6d002023239e9967a62917f49749a3c328e3f
780462e5d689adb8c0cf9e1f146fdedd9dedb885d38287a941472630385434c6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3217
Cache-Control: max-age=87527
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 00:54:25 GMT
Etag: "642a1b97-1d7"
Expires: Wed, 05 Apr 2023 01:13:12 GMT
Last-Modified: Mon, 03 Apr 2023 00:19:35 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
12542ad13da77f1d854ac33a8a5ab2b8
0b0ee4d76d357465d05db54159f40769e2b07cfb
67738f5798ab80a53de74c3e72422e0e3f70ddd1fa48f1ebc43d96f11ec729e2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 29
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 00:54:25 GMT
Etag: "642a1b97-1d7"
Last-Modified: Tue, 04 Apr 2023 00:53:56 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c818478c2144e8b66cca05b1250e2f84
87a6d002023239e9967a62917f49749a3c328e3f
780462e5d689adb8c0cf9e1f146fdedd9dedb885d38287a941472630385434c6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3206
Cache-Control: max-age=87516
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 00:54:25 GMT
Etag: "642a1b97-1d7"
Expires: Wed, 05 Apr 2023 01:13:01 GMT
Last-Modified: Mon, 03 Apr 2023 00:19:35 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d5ba0d24586872fbb887f9ace5b204a6
748b10c9a747a90adf10b8f8dedefe59a22ed072
5d50fe5859a98b867ef22fd65c4ab3652d46188813256d43ba7ac61e2b7c9a18

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 00:54:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ibank.nbg.gr/identity/Content/images/logos/light/login-logo.el.png

95.101.10.177

200 OK

27 kB

URL HTTP/2
ibank.nbg.gr/identity/Content/images/logos/light/login-logo.el.png
IP
95.101.10.177:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 729 x 516, 8-bit/color RGBA, non-interlaced\012- data
Size
27 kB (26907 bytes)
Hash
f14677e314721008021a7f668dc5ad70
246501ddadbd2fffb18299a19bf6fcdd13bf2b7e
909457e7d2ab71d52c2fa3386917fee5031be62e179b01804940a6cc9f5d61ac

HTTP Headers

GET /identity/Content/images/logos/light/login-logo.el.png HTTP/1.1
Host: ibank.nbg.gr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monworkpage-isafelock.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 06 Jul 2021 08:35:48 GMT
accept-ranges: bytes
etag: "22b4e1eb4172d71:0"
content-length: 26907
date: Tue, 04 Apr 2023 00:54:25 GMT
X-Firefox-Spdy: h2

ibank.nbg.gr/identity/dist/images/login.22e4da6a875c3b8aeadd4e3417dc86c4.jpg

95.101.10.177

500 Internal Server Error

75 B

URL HTTP/2
ibank.nbg.gr/identity/dist/images/login.22e4da6a875c3b8aeadd4e3417dc86c4.jpg
IP
95.101.10.177:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with no line terminators
Size
75 B (75 bytes)
Hash
515c99044e5a21629cbc1ea11bcd814b
efbed98eef7194eb4f8eca7d8fd1d8901f775f3e
1d04e8d3f8cea7e75beaa2a27688749050dbf6e944dc63450a6dcc948c884658

HTTP Headers

GET /identity/dist/images/login.22e4da6a875c3b8aeadd4e3417dc86c4.jpg HTTP/1.1
Host: ibank.nbg.gr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monworkpage-isafelock.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 500 Internal Server Error
content-type: text/html
server: Microsoft-IIS/10.0
server-timing: dtSInfo;desc="0", dtRpid;desc="-1880185522"
content-length: 75
date: Tue, 04 Apr 2023 00:54:25 GMT
set-cookie: ak_bmsc=FA73FAC4011214DF405A190B0D40E4FF~000000000000000000000000000000~YAAQrQplX/Rqdw6HAQAAAgfCSRO2yLpvdxtNP04eGq+YIotiUiVEu6ALbOmJsunszPFVYQhxsv/p7xnMexPlPy5qdpTYdWFBqgS1OlI1M7Uu1crDGxcRYa80FHtY61KgidnTa1whXDSmLEc8Frnb1MJXFd2Kw8fJ5HOzwuG3VT8Ko+kXu6UdEgTL0oPVn/gB+I/0ll08BWklX5BPlmD390wdA3J2wxiWGmKn2+6LKnzahNApCw4M+EtsrZqN1k/aBhrlwTRYLsg+bsgGxj1Mcaj0jB2t02WD2BAcLM6fZP6mxedhDoecoKl1uDnQkZVudbmPjCAgD8bI+8qFVms/WHS7B3reLa+jGmFx/PfUXzVphimR529B3FXuLrVK2wIIvR8ms91F7l2e3nY=; Domain=.ibank.nbg.gr; Path=/; Expires=Tue, 04 Apr 2023 02:54:25 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cb9942f03b514cd94419dc270ca7c7d9
3d53ee99ec819fbba633f362222701e1122c0821
0eb68d1b91f16c58de634e0571b7cff02235eca1966b20a7a1925e8bbc608f8d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6561
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 00:54:25 GMT
Last-Modified: Mon, 03 Apr 2023 23:05:04 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c5855af789369a9b0da3ae3d0ff5b7f0
393f65405b0231d85849bb2de71f53e4a935e14b
216bda1ec06919da765b408640b1841f048a3ac507a3c25786f0ec8b938837fe

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 00:54:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64347)
Size
28 kB (27909 bytes)
Hash
7716e124e19760049484d1bcde4a8af2
51d50c9e9b7fc658c1316d1844418cee0baffa2a
fa7968a9a888e1a6dc6ac6126b8edd6e73974c2b0629f669bfb74916f0e7d534

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monworkpage-isafelock.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: oXN9HL6Wa5zyI2weklN9Q03G5qELFINQ3uRPhKaD5PDvRAatC0YHcXnyv1+lXfPs9KbvMW/pdu76AOwtTiHBOw==
content-length: 27909
x-fb-trip-id: 1904183273
date: Tue, 04 Apr 2023 00:54:25 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cb9942f03b514cd94419dc270ca7c7d9
3d53ee99ec819fbba633f362222701e1122c0821
0eb68d1b91f16c58de634e0571b7cff02235eca1966b20a7a1925e8bbc608f8d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5759
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 00:54:25 GMT
Last-Modified: Mon, 03 Apr 2023 23:18:26 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471

www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js

142.250.74.35

200 OK

166 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (582)
Size
166 kB (166464 bytes)
Hash
b81d6636c3ad72c63e532e5180eaf7f9
ddcd059999fff6218e98af62dbe3fa9c885a0de8
2fb4351c49b47b7cdaa9516237a8b1e690e4448339d09d70a84c658729e461ef

HTTP Headers

GET /recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monworkpage-isafelock.firebaseapp.com
Connection: keep-alive
Referer: https://monworkpage-isafelock.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166464
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 08:50:01 GMT
expires: Wed, 27 Mar 2024 08:50:01 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 576264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ibank.nbg.gr/identity/dist/pixel.html

95.101.10.177

500 Internal Server Error

75 B

URL HTTP/2
ibank.nbg.gr/identity/dist/pixel.html
IP
95.101.10.177:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with no line terminators
Size
75 B (75 bytes)
Hash
515c99044e5a21629cbc1ea11bcd814b
efbed98eef7194eb4f8eca7d8fd1d8901f775f3e
1d04e8d3f8cea7e75beaa2a27688749050dbf6e944dc63450a6dcc948c884658

HTTP Headers

GET /identity/dist/pixel.html HTTP/1.1
Host: ibank.nbg.gr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monworkpage-isafelock.firebaseapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 500 Internal Server Error
content-type: text/html
server: Microsoft-IIS/10.0
x-oneagent-js-injection: true
x-ruxit-js-agent: true
server-timing: dtSInfo;desc="0", dtRpid;desc="-391276733"
content-length: 75
date: Tue, 04 Apr 2023 00:54:25 GMT
set-cookie: _abck=AC4B07DB42FB05C3BA344DE55E00BD45~-1~YAAQrQplX/Vqdw6HAQAAqAfCSQno0kP7b11bKKfdk2TevAf4Hye3iTtcngxkjiq39N3SYfl41XleoyCetb7MBHZzgzQABAeiIBNTAt98Nu8XIGKsTxMXqhm/VEXXvJuXq8E972pEzN1mTyTe5iY0MUsgWKPmdJ471qgjPoQ2AKDwYSAKNaqeo7jdNsy1dxqNIEnf+UW5JvGYZ2SqeerYavN3Wg0kL8AThf7bpn58XdE67JBRA/GCFwUipEa/D8ncr70Mlce0eBstVu+7f1Md8h64JSLXIixHO4Nk/wsOgHmBRRpcfQ+/bnOIc48+O4CFJ60SxGANdo44g2d7ZFx3GRRBZ/JAlb7l2ZfFyC2JjDyJzu3dHV4FPSQ=~-1~-1~1680573145; Domain=.nbg.gr; Path=/; Expires=Wed, 03 Apr 2024 00:54:25 GMT; Max-Age=31536000; Secure
ak_bmsc=301185AA2EFBF88CF1BA351C3DB219C5~000000000000000000000000000000~YAAQrQplX/Zqdw6HAQAAqAfCSRN7lMKM5bbT1WqXZi2sNobCNA+F6/a/HSPYfHwuWTdJKD/PZUKN5ra12bc6buVAmRYO5uOx18olSV48rzfcfvMcdRSOcplXWOAeIORtra/WOCdoz0mn3bWdbecJfcDx4EfaPdktCiMM4GR9roAiZpRedbKxJT4JuqaqK/H1M2Dy1MTBu6WKtUzUAew3X0y0pM1WZ1dAEPV8J4TxqfsaKIkjOxqdEcpdf65zGRtm2nbZ2OpOLEFVpWt9n59Gg598OpuL9tMjsWTt+AtoGGRw8QZcdPZW/XHH0HfvMk1UqXt7QoAuVWg6IfccKtApz+JlObsSssaz9APXTtB2skHRHJuNYsFkfRuEZVhbkLEY8bmpUpjpWh8avvU=; Domain=.ibank.nbg.gr; Path=/; Expires=Tue, 04 Apr 2023 02:54:25 GMT; Max-Age=7200; HttpOnly
bm_sz=3014F8451E44E1BF75AA687B4B5078A8~YAAQrQplX/dqdw6HAQAAqAfCSROa7ocwZ14aiq94ZIwJfGlUgnwbbQxMVAQiQVfGR7gkQqrc6RHqoSLvCvDH8NyB2BRfYZ2CoMqp/uJ47fMC4QxG0QgsmdbI37cSLMKoNFansbgDK8aqk6J7qYU+GxITZATFE+uyecHVaHpzNS/iw7UVYqi/JE67PfSsNtnNWfyCwzQ0dGIwOJZkw4WeKuvQO+H0fHjWJi8HLmutkSHpPDcaQP/sqLSt3Bg0pMlmhtRJ23OKGIU1O5ET+n8u7U3WEBuxSFelN3N9+OcHjA==~4601411~3683395; Domain=.nbg.gr; Path=/; Expires=Tue, 04 Apr 2023 04:54:25 GMT; Max-Age=14400
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=669086076924105&ev=PageView&dl=https%3A%2F%2Fmonworkpage-isafelock.firebaseapp.com%2F&rl=&if=false&ts=1680569665549&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=28&cs_est=true&fbp=fb.2.1680569665548.259088322&it=1680569665383&coo=false&rqm=GET

157.240.221.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=669086076924105&ev=PageView&dl=https%3A%2F%2Fmonworkpage-isafelock.firebaseapp.com%2F&rl=&if=false&ts=1680569665549&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=28&cs_est=true&fbp=fb.2.1680569665548.259088322&it=1680569665383&coo=false&rqm=GET
IP
157.240.221.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=669086076924105&ev=PageView&dl=https%3A%2F%2Fmonworkpage-isafelock.firebaseapp.com%2F&rl=&if=false&ts=1680569665549&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=28&cs_est=true&fbp=fb.2.1680569665548.259088322&it=1680569665383&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monworkpage-isafelock.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 04 Apr 2023 00:54:25 GMT
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:31:35 GMT
expires: Wed, 27 Mar 2024 10:31:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 570170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f06399875b2b1c6a0afe8a1d791f5a4a
f2ce36c5d6599e57e4df8f08a030e8cb00ebe830
2eef24cc1ae135e7e1687c3e56cd7be21530e2aa7612e686a829d2c204ab532e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EEF24CC1AE135E7E1687C3E56CD7BE21530E2AA7612E686A829D2C204AB532E"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9679
Expires: Tue, 04 Apr 2023 03:35:45 GMT
Date: Tue, 04 Apr 2023 00:54:26 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f06399875b2b1c6a0afe8a1d791f5a4a
f2ce36c5d6599e57e4df8f08a030e8cb00ebe830
2eef24cc1ae135e7e1687c3e56cd7be21530e2aa7612e686a829d2c204ab532e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EEF24CC1AE135E7E1687C3E56CD7BE21530E2AA7612E686A829D2C204AB532E"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9679
Expires: Tue, 04 Apr 2023 03:35:45 GMT
Date: Tue, 04 Apr 2023 00:54:26 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2efdac70-96ce-4f42-be09-ff7a851d998e.jpeg

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2efdac70-96ce-4f42-be09-ff7a851d998e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7954 bytes)
Hash
69710e48fd860345747dceebf0148ab9
0cfe9abf02616996b1ca4cec06231a7e3675397d
342f4b934580e8bc6543cf65f9501116e35bf51fd1ff35a16f4d895fd19b2eac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2efdac70-96ce-4f42-be09-ff7a851d998e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7954
x-amzn-requestid: 4d31de53-e5d7-4214-859d-d3e4c15e2883
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cyg_1Ga6oAMFxCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642a7b98-79dca37f64cc1e67269e2181;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 07:09:12 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: e7DHP08h4DZJ4CzTAThQI6puvlDTiIW0zXlqq3bCie9tt9YaY9EmIQ==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 07:15:24 GMT
age: 63542
etag: "0cfe9abf02616996b1ca4cec06231a7e3675397d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd65dd010-da4c-41c5-b16e-d447c4d8deea.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12548 bytes)
Hash
c7a7cc54be45f71ff09257402a9e4d84
ac1f3a44ce912d4bda9f5cbd66a7f222b85aa94a
f139a2d27fdfeb4a28cd50d6f8f9fb5c96717b2893f9ac8452db90272d2c78bd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd65dd010-da4c-41c5-b16e-d447c4d8deea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12548
x-amzn-requestid: b1a1ca64-3c21-48a9-8b76-6c00329d5925
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CyhPLGeWoAMF-3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642a7bfa-03c540665ae850bc0a880e5c;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 07:10:50 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: CBPM1TNfirOsf4AQNduJLyuhV9HnCm-jNF4l5Ikoz9iw3iP9AX2ADg==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 07:26:09 GMT
age: 62897
etag: "ac1f3a44ce912d4bda9f5cbd66a7f222b85aa94a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff838f439-251e-4305-a247-7eee5ff2979a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7576 bytes)
Hash
b3ec7e8040ccdee79cfffb3ac02a6f67
b380133cc00dab11730bdfe2150ea33028dfef80
494eab2d0cdb17311e6a208d9fad2a7ae93ffd2ca6c4b6cb971ab4a2fa8ec91b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff838f439-251e-4305-a247-7eee5ff2979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7576
x-amzn-requestid: d444fbfc-9097-41f9-bfb9-3d21bdaabd13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cyg9hHbqoAMF1tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642a7b89-69920adf612134e02eb45552;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 07:08:57 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: QhhrSn6SHlMaLQQJGfKx8t3CRwil7m_vpBxYCOMtVDOf0bsxQPQ6eg==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 1d000d0dfe9d69b4983f619fdc5499d6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 07:23:06 GMT
age: 63080
etag: "b380133cc00dab11730bdfe2150ea33028dfef80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bfb42fa-a742-48e1-9e04-5a6dd253e7c3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8717 bytes)
Hash
aa38adb609929dd640969cf7fdac34e0
2f6376d861ae95e83cd65f47f0ad99f73ecc519b
f83c9e3dd084b6148accb41f7b234e93d4e53a12f0a92846a1a7234159f6567e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bfb42fa-a742-48e1-9e04-5a6dd253e7c3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8717
x-amzn-requestid: 18f7e80a-b9df-4ece-86f2-59330cbda055
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0fpsGk6IAMFbdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b463d-37906ba06871532364672b8a;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:49 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: qQTCrriLVnk_YyWMTS_FjDAkQLLZPvKJnF3Si9tTPTB5hBJ6_IchRQ==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:53:48 GMT
age: 10838
etag: "2f6376d861ae95e83cd65f47f0ad99f73ecc519b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeae50b2-4a88-4f71-ae4f-7fd74b695fe8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6898 bytes)
Hash
80fcfbf9081b3ede0bbbb18635a9cbf4
037891066a15726bb272a8d74f96abb1520b4fe3
5cf70d8254f20aea5ca12439a4558f459d6bbf162f5e1a0f9b62e79de29d4b29

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeae50b2-4a88-4f71-ae4f-7fd74b695fe8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6898
x-amzn-requestid: a56b192d-c797-4521-9af4-e3baaa8e6205
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0frbGsRoAMFjiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4648-5aeb60706595f7762c545067;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:34:00 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: FntrW1uzEjetZkzVLvN-VUeVu4uWI0ceRV5-OY12YFGq5LQKFfS2mg==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:52:14 GMT
age: 10932
etag: "037891066a15726bb272a8d74f96abb1520b4fe3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6803 bytes)
Hash
fde7605b95c3ac6b8de339dbd12e17b1
b44d521b31be7b3fe378a0e070c49379a6eab26e
5496cf7c705ccc67dd13f86a07d9a352424d58591aa67afe1e1361c640f8d510

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6803
x-amzn-requestid: 6c78179f-0d11-4a23-8e86-e4f05d7c7f90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0fq3HrioAMF7ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4645-758850e07ef9b1512b684c35;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:57 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: fYzW2B9Nf5JLhQdDSzDsT7h-auY41wg3PSAaSI6U68BNGvtHI99W7A==
via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:51:49 GMT
age: 10957
etag: "b44d521b31be7b3fe378a0e070c49379a6eab26e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML