| cdn.discordapp.com/attachments/1067474459272949760/1072239962973544499/WindowsUpdate.exe | 162.159.133.233 | 301 Moved Permanently | 0 B |
URL HTTP/1.1cdn.discordapp.com/attachments/1067474459272949760/1072239962973544499/WindowsUpdate.exe IP162.159.133.233:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS | Severity | Alert | suricata | low | ET POLICY EXE File Downloaded from Discord |
GET /attachments/1067474459272949760/1072239962973544499/WindowsUpdate.exe HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Feb 2023 06:13:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 08 Feb 2023 07:13:23 GMT
Location: https://cdn.discordapp.com/attachments/1067474459272949760/1072239962973544499/WindowsUpdate.exe
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Set-Cookie: __cf_bm=5NbwoTSrFbJe8PZ6RkXX_9MmIspx7yIVR.qAx7..YmE-1675836803-0-AUSvU1Kb7XREMgla6JbRadJ/jxyayL+roWmmuYoXG0VMI8P5utnuKpy12jSNcH626RV2qw8YFqvj/dubCkLOrfM=; path=/; expires=Wed, 08-Feb-23 06:43:23 GMT; domain=.discordapp.com; HttpOnly; SameSite=None
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jn6XwXcNN5Vwymn6s0OK5scE5bgX9eQnvHy5nauTivT6XrAXVnMn8QhM5rygeMCbz0AzkydLfhjwMWofJBciCA7YoC%2B%2B3j2sXJGFkhzy%2FM1MgUxxg2eEZWxG5742Zviutn%2FqEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796238138b89b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| r3.o.lencr.org/ | 23.33.119.10 | 200 OK | 503 B |
IP23.33.119.10:0 ASN#20940 Akamai International B.V.
Hash565c1bbc5c1c40be1988b3bf6fd9dc1a cfdba5bc597130461dd67bf6cda53183be592493 60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5721
Expires: Wed, 08 Feb 2023 07:48:44 GMT
Date: Wed, 08 Feb 2023 06:13:23 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.10 | 200 OK | 503 B |
IP23.33.119.10:0 ASN#20940 Akamai International B.V.
Hashb7407cc102d62a5acd5e61f8a79bed36 c2f4890a62454e514962b55b7fc14228339c8e90 be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16688
Expires: Wed, 08 Feb 2023 10:51:31 GMT
Date: Wed, 08 Feb 2023 06:13:23 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.10 | 200 OK | 503 B |
IP23.33.119.10:0 ASN#20940 Akamai International B.V.
Hashcc14b0d2f7c451f6431dc87ba54d1d60 bab8bfda6fa3e2f17125353f5147211787dc25d0 b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13413
Expires: Wed, 08 Feb 2023 09:56:56 GMT
Date: Wed, 08 Feb 2023 06:13:23 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 05:36:36 GMT
content-type: application/json
age: 2207
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hashe535cc23ef497323a2483d682c338789 34682af6de9280e3572ee04161877b9d4f2170d5 79f559bc272de3f155bb60bc6de5b4c5beaf47036c4b87eb5e2a488ef97a77a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5389
Cache-Control: max-age=169882
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:13:23 GMT
Etag: "63e31d10-116"
Expires: Fri, 10 Feb 2023 05:24:45 GMT
Last-Modified: Wed, 08 Feb 2023 03:54:56 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashe76071a28ee566dababb3834f46d68ed aebb4e68c1ba2de0f90025283e8ed8470944fde0 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ouIDvYOg21vI21G99jVIQl006S/5UJIQQo7h+nsnjvVjWjI0gxpQc4tUw6BAXilLm0XxcRIeiyE=
x-amz-request-id: FEJ4126R4T7G4KJF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 05:35:49 GMT
age: 2254
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| cdn.discordapp.com/attachments/1067474459272949760/1072239962973544499/WindowsUpdate.exe | 162.159.130.233 | 200 OK | 17 kB |
URL HTTP/2cdn.discordapp.com/attachments/1067474459272949760/1072239962973544499/WindowsUpdate.exe IP162.159.130.233:0
File typePE32+ executable (GUI) x86-64, for MS Windows\012- data Hash39fa9d3ad34d7a60c9c3f758b00618d0 cd9194818a0d1d045b80c36546e3d24df30f3252 a60f9a4e4391fa5c45c985b033091fc0341456328884facf3e01210c0704e6ba
NIDS | Severity | Alert | suricata | low | ET POLICY EXE File Downloaded from Discord |
GET /attachments/1067474459272949760/1072239962973544499/WindowsUpdate.exe HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:13:23 GMT
content-type: application/x-msdos-program
content-length: 16896
cf-ray: 796238157b180b65-OSL
accept-ranges: bytes
age: 59
cache-control: public, max-age=31536000
content-disposition: attachment;%20filename="WindowsUpdate.exe"
etag: "39fa9d3ad34d7a60c9c3f758b00618d0"
expires: Thu, 08 Feb 2024 06:13:23 GMT
last-modified: Mon, 06 Feb 2023 19:38:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1675712328498762
x-goog-hash: crc32c=c0Cs/A==, md5=OfqdOtNNemDJw/dYsAYY0A==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 16896
x-guploader-uploadid: ADPycduw4oSFfQTlXTDJD4zOYaNOHWzUd0rGHbwoLYnYyOaFbbEMHZk4Zo9QjIXB07-NlwTkKHnKtdlq-6N7wTKbuKNNwQ
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=ZJsKqp3mpNEsaESK0eysv3ZUpYs5o3077y.aNkEsPZo-1675836803-0-AfYlyZdMCfi/Crni8d9TDAAIIHp4fSuDEqSMrY+ryEI9rA5lCsj5rX2uMk/AfYRWrp2NmIadRMi5EZ2mx+eZGmY=; path=/; expires=Wed, 08-Feb-23 06:43:23 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qbeu9SzEkWSFXF8bIcEk1NtQHIuGq3L6wkvK1thaigHsZQFjZctC3QUHVqAWjakDU2Z29GVwR65ABm%2Bi8QB2iaEqX0W3ibqiWs%2Fk0hUyA%2Frb1o%2Br6RygHEAJHr358oW7LGlGKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hashe535cc23ef497323a2483d682c338789 34682af6de9280e3572ee04161877b9d4f2170d5 79f559bc272de3f155bb60bc6de5b4c5beaf47036c4b87eb5e2a488ef97a77a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5389
Cache-Control: max-age=169882
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:13:23 GMT
Etag: "63e31d10-116"
Expires: Fri, 10 Feb 2023 05:24:45 GMT
Last-Modified: Wed, 08 Feb 2023 03:54:56 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:13:23 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 05:14:52 GMT
age: 3511
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.10 | 200 OK | 503 B |
IP23.33.119.10:0 ASN#20940 Akamai International B.V.
Hash9b88bae61bca33aba8aa99f6128db8d9 a07b61fb2458917699613fcae68710941b595416 54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15946
Expires: Wed, 08 Feb 2023 10:39:10 GMT
Date: Wed, 08 Feb 2023 06:13:24 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 54.149.219.22 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.149.219.22:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DGg03a6/8FJx8T2Dc41Y7A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sNjL341aJkqaVLyed04seac0Ulw=
|
|
| firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221675808113340%22 | 35.241.9.150 | 200 OK | 22 kB |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221675808113340%22 IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (21681), with no line terminators Hash55012e1b3af0fc95bfadb44668f148e8 606062404e89594c099a810cd299f1b105194bdc 0c2a171c78600c8a574746fc2d040e22284325bd944e38e8fd9e3f6f19ef1eeb
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221675808113340%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21681
via: 1.1 google
date: Wed, 08 Feb 2023 05:17:10 GMT
age: 3374
last-modified: Tue, 07 Feb 2023 22:15:13 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.10 | 200 OK | 503 B |
IP23.33.119.10:0 ASN#20940 Akamai International B.V.
Hash1d885cfc22a04f1216c98dd64df5338a 589916a844b81fac40af88a772865b8e28dfb64e 40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12445
Expires: Wed, 08 Feb 2023 09:40:50 GMT
Date: Wed, 08 Feb 2023 06:13:25 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.10 | 200 OK | 503 B |
IP23.33.119.10:0 ASN#20940 Akamai International B.V.
Hash1d885cfc22a04f1216c98dd64df5338a 589916a844b81fac40af88a772865b8e28dfb64e 40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12445
Expires: Wed, 08 Feb 2023 09:40:50 GMT
Date: Wed, 08 Feb 2023 06:13:25 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.10 | 200 OK | 503 B |
IP23.33.119.10:0 ASN#20940 Akamai International B.V.
Hash1d885cfc22a04f1216c98dd64df5338a 589916a844b81fac40af88a772865b8e28dfb64e 40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12445
Expires: Wed, 08 Feb 2023 09:40:50 GMT
Date: Wed, 08 Feb 2023 06:13:25 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashbe9f475292d4b5b0502d4381ccdf455b ecb943b48c822b086ea699d802f8f1bb5ee26651 ed22a5102709dc7a067107a6c0cde26931f7781065de9cee49e22de6b9086e31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8703
x-amzn-requestid: 6456aa7d-11f7-4066-a833-9ac5312c0c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7JGLTIAMFqdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c513-0679a75676cdc19251c81bdd;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DLVp9hiUjE2w5BiukFfUMALWxvcobbJcJRO-7CdXj3cy6rAdFhPRFQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 30564
etag: "ecb943b48c822b086ea699d802f8f1bb5ee26651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg | 34.120.237.76 | 200 OK | 6.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc8f31c82179856e39ee5fc43d7f0b685 5b37f807a19ffc80c0b9334e6d24d5bb717496ce c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:19:17 GMT
age: 28448
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg | 34.120.237.76 | 200 OK | 5.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash544181f4aba24fc687a14522dd20f720 2b117270563b8c466ec774acce55271c38f6135b 607c45cc5b4726b92c8507988bbb90ac6a44a3cf22b290030d440266350099a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4961
x-amzn-requestid: c3b9db99-726f-4473-a6b6-9cff0dceb949
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswe1GeRoAMFiAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-17b52fcd74e374f1104af709;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S8zeMZ-IZHNe6x_IFZJgCv1V8fwSkBh0aNnKfwgGOP5r6U7LjT61qg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 05:48:02 GMT
age: 1523
etag: "2b117270563b8c466ec774acce55271c38f6135b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg | 34.120.237.76 | 200 OK | 8.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash726928e5de19ef978faebbe933c34008 bdaba3ed0c7efb65de88af96063d830683c8499b c6d208fcee052da80de1bf2dcccbbc48853511b8888c4777799ee676abba51b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8644
x-amzn-requestid: d6d71f42-f887-4ad0-a2b7-9073d3857b03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjRHBFoAMF4_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-57490f255d8d30a561fdcd3a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xU_uVO78ZQRKon3Cz-fVcHJuPEMMgzDsVuY8BXoKL6ntJwkl-SLeQA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 30682
etag: "bdaba3ed0c7efb65de88af96063d830683c8499b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg | 34.120.237.76 | 200 OK | 3.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc65144dcdaf688643761916851b151c0 1419c4eefac8032e8cfaf2d65dd4a57bff5b25a1 974b5a62f2d051b2dd2c609f7bd08a4ef339dab0d31bccaa0f9898893c3ba6b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3379
x-amzn-requestid: 6f8c97bc-c1f9-4681-9544-f2863dc7f782
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f5aSYH47oAMF-ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e070db-4a730cd079f03c8b1cf77997;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 03:15:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qnk0MflT4eIxNuooDKhm0uauKq1dYj1iG9O_prtNU8c0IoAwODZxig==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:27:19 GMT
age: 6366
etag: "1419c4eefac8032e8cfaf2d65dd4a57bff5b25a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg | 34.120.237.76 | 200 OK | 6.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd8a3fa4f1ec82d501942f9db3de2cb7d b91c2aea7f2fb26131c8929b254c5596a1bb25ff 9d246eeab8ba04c775a03fd960c8859934a0accb737e845e89aba40bc573fdaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: b2b61a71-5326-4fc6-baba-7baad29cf7c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkbHfDIAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c482-5cc4028d01d05305637af317;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xc32O6lBfn7jYg9I3VlZ5FnR9YpJtU3DbYD_ozsf_-R_Ih1-2e1-CQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:10 GMT
age: 30675
etag: "b91c2aea7f2fb26131c8929b254c5596a1bb25ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|