firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 20:09:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GjRcNFQUYWe-b3CFoaihzEOX6KjEmoQD0ytgvaZ7MdygXZ8jFLGc7A==
Age: 2505
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12667
Expires: Thu, 15 Sep 2022 00:22:35 GMT
Date: Wed, 14 Sep 2022 20:51:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KAbyBtZNmyZmJjJMwjDShjZbHO-z-UMCoWaVijvzV6hc5NnHQKnYWQ==
age: 58573
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 20:51:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 14 Sep 2022 20:03:22 GMT
Expires: Wed, 14 Sep 2022 20:10:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: p30wRzzOV0In5D16J8Oj3M2daIE5dFwi4o1874VjEdTQDWguzo7u8A==
Age: 2886
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3ac56507d17ffff5e8b486406985d68
17d26336cd8ea65af3f23db166945f1b3fbbfbab
e7e321340eed681c1269f715b0214e1511d5762fffbe930e7c157b800afa9a39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3273
Cache-Control: max-age=130204
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 20:51:29 GMT
Etag: "63218ba4-1d7"
Expires: Fri, 16 Sep 2022 09:01:33 GMT
Last-Modified: Wed, 14 Sep 2022 08:07:00 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.39.126.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.126.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nZcLROJVdIIpZ9RX2MRwfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9JYS4FtcetlBFsvfNZ2JscHFBCg=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13241
Expires: Thu, 15 Sep 2022 00:32:11 GMT
Date: Wed, 14 Sep 2022 20:51:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13241
Expires: Thu, 15 Sep 2022 00:32:11 GMT
Date: Wed, 14 Sep 2022 20:51:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13241
Expires: Thu, 15 Sep 2022 00:32:11 GMT
Date: Wed, 14 Sep 2022 20:51:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13241
Expires: Thu, 15 Sep 2022 00:32:11 GMT
Date: Wed, 14 Sep 2022 20:51:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13241
Expires: Thu, 15 Sep 2022 00:32:11 GMT
Date: Wed, 14 Sep 2022 20:51:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fef8234ab83f6f8f8b29665f592cbc9f
a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7
569c8c9736026fc310e148d4d74081e96a86245baaa1f784280d44a1cbd25ed0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14151
x-amzn-requestid: d5bc9be4-af3a-40fd-bfc9-1ac4769d2d3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GhboAMF2dA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-375df72d2d67582635b9e4ae;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GPFNoTdF_D8rFf6qKddyxIKzhtfGCW6iib0shChxTPHhZ1OXrzbmnw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 00:47:00 GMT
age: 72270
etag: "a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5befd5bb8e6d5dad2465be69d5a33e4
e5b46c3ca439a09950290cada1af5e27cede10f2
4dc0a3373fb4c1830c4e2420dddbcbe8dceecf10e969cbe8d02368e41207832c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5988
x-amzn-requestid: a0d81c7a-14e3-443d-8fb7-19241f06d3c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yaux0H77IAMF2_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f80b-0fe6fbbe75e891b925f88dc2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sXVy7OFoVpLgfEUTqNaYBESwKOhqP9mG-uOb80Ye6bFb518BB-Panw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:20:55 GMT
age: 1835
etag: "e5b46c3ca439a09950290cada1af5e27cede10f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0789404fdbe3613d465d8fa89a63d7b8
0617d2e513097ca415a1d07cd39b1cb64d832ecf
80e55e383f354113c3694bbcc00fd1c544a97079bd3c462f1b90e952c0634bac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10138
x-amzn-requestid: bdf798d9-6729-4363-a900-f32c4041d0c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YU5qsGZ-oAMFQ1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ea311-7b146c0620a83d5c00446f87;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lxwNJTaYrkujzIInoTGcGSAnccefYJ9x4aUjaT3QKN2lmUCrQD7ySg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:11 GMT
age: 1819
etag: "0617d2e513097ca415a1d07cd39b1cb64d832ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Rx8KX_QI5I2x7q0gcvxcJX7QzZUe2KkfqAUVR64lEujF4xDEWWDhZQ==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:13 GMT
age: 1817
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 557695ec8ffeebb0272c099542a14ace
ad627b434e1c3b693d8636675bcea0f8794e0dc2
4d79c7830caa73b921d6abaa97771ab1f4dc8fd709597f01ba04c268c03b6157
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 9d4f8b01-c36c-4378-9c9d-5660084b781f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxNlNGmZIAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63105c87-33f69c990fc7a6073eb5a63a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 07:17:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E3cLpeRf1RAA79G5O1p1xmgDHk_o9Ba-F9KnZqS_X_2kr1543CwnMg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:12 GMT
age: 1818
etag: "ad627b434e1c3b693d8636675bcea0f8794e0dc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56811a1a20a467464e1f3da171ef8b14
366b2090d409d694b72b4b4131df46dd65d69c5a
4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yP22CSG5x3BVfq29UMdw30TZcvuaL-kUDgjBZDUEMpRVDWqlZrCgdQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:13 GMT
age: 1817
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/public
193.34.145.204301 Moved Permanently 258 B URL HTTP/2 delivery.attempt.ndelectric-dz.com/public
IP 193.34.145.204:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 581db2b3b6a51f3d6a893ec470265cf1
59bf300411996d18e714d6ad6569d3df6aac1aec
4a0dcd5a8ba57c7925577c74a70b89525ff9a8421b50569975f5a2cbd2aa7eef
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /public HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkUxVEpEYTJSQlJ5YWwwR25udlR1NGc9PSIsInZhbHVlIjoib3dUZklsMmVRWkRXRWE5dVducjRPOGd4ZXppSlNLTFpuZFk1SGl2eGxSSnVZYXBpSzcrREM4cVFvbmx2V0FhczI0dnB6aVRkMHJOODFZYU0rbXJDRElXWTJ0K0wxaTZOTFZ1OHRxMjF6cHd5cWdVWFV1bmVpaDI1d2pXMW9KVFUiLCJtYWMiOiJmYzg1OGIxZjAxMzNiMzE4YzU1NmUxMzNhMjdkZGMxZWY5YTk4MmZjZWE5YWRlZDczNGY5ODU5YTc5ZWI3YTBmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImtoM3lYaHo1bk9nVDBJQUhYdThkY2c9PSIsInZhbHVlIjoiSzVqK0w4bXhRbllQbXBxY2p6a3lPTzREVXFrNk5mQzRkYUdwZlJtSmZwRUZSWTUyZ1M2bC91VHNlM3RSVVozbXI2RURURmpQbkprdndXajFjR2dnRjFicmtURUZsdm54OXFtY2hDWExpaUxrR1VSVVIwbVVBQkkva2N5c3U1Tm8iLCJtYWMiOiJjMWU0MjJiZjYyMWU4ODQ1ZjFjNzQxMWY2NzcwZTllNmMyNTdmZDU5YTQ2ZjNjMWZiYjY0YTVlN2U0ZTlhZmY1IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-b84e1f9d-ac65-4088-8ead-7651fc5a185f%22%2C%22lastActivity%22:1663188416802}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1663188416803}; _hjSessionUser_2895475=eyJpZCI6ImFkZDVhYjk1LWIyZTgtNTMyYi05MGUxLTkzM2M4OWE3ODQxYSIsImNyZWF0ZWQiOjE2NjMxODg0MTc5MDUsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_2895475=eyJpZCI6ImIyZWI0OTJmLTA1NjQtNDc3NS1iZDVlLTk4MDJmOTVkMGUxYiIsImNyZWF0ZWQiOjE2NjMxODg0MTc5NDAsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 301 Moved Permanently
location: https://delivery.attempt.ndelectric-dz.com/public/
content-length: 258
content-type: text/html; charset=iso-8859-1
date: Wed, 14 Sep 2022 20:51:30 GMT
server: Apache
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/4kBIzYS1CsQZaMHHnvakeE7vnZX8l9N7/
193.34.145.204301 Moved Permanently 290 B URL HTTP/2 delivery.attempt.ndelectric-dz.com/4kBIzYS1CsQZaMHHnvakeE7vnZX8l9N7/
IP 193.34.145.204:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 54633b06dc5d6c30a751bbdec38f19cd
3e6694deaba2314b2efa05882f26157179058beb
2fc5e1f057f78253d0b2f6904a70cdf7a5b268706ced25699dd26ad1fbd43fef
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /4kBIzYS1CsQZaMHHnvakeE7vnZX8l9N7/ HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/public/
Cookie: XSRF-TOKEN=eyJpdiI6ImhUU2FPd0hjZ28veHZxdUJRcWFUZHc9PSIsInZhbHVlIjoiRWhuYmJsdjA5TzI2VURLY2VOZjlpNkdBZ1lHdzhHRlRaaWVrOVkwVEhaR3NTZGZNR0grcHdRVUF2MlZsSUhnYXdxQWNkUVpYeEE1R3FyY2hpUjNmcGxYYUQ5dzN0OHdhRjJWd2ZsVlZvSjBmakMvWjMzUTduZDUwRVF4UmJMRTEiLCJtYWMiOiIwNDVkM2QxY2MwZTRkMjc0ODIzZTRjM2Q4MDY5MjQ0MDVkMTA0NWUzM2UyMzYxMWY1NmQ2ZWM1MzRiMTJkNzk0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ikk1aHdDMzBkdVJxUlVNelhjOGVoL0E9PSIsInZhbHVlIjoiSStBdjAxOUgza0padU9RYlByUTdTZDJvQUJFWGdQY05JcGxiMS93SzlNcmF6Z1FFdjJJS1hncGg2TDNpbEZCelFXZGYrRVA4eHJZdXZBZmlLYmgrOW1mRkxvOWdXdHNwUW5QelJ6cWJKSnUwa1BMN3VTekswQVZBZitxeG9lTmsiLCJtYWMiOiJjODhlZDA0OGI2MDYyODhjYTM3ZDY0YzNkZGE0MzgxNDJjNjI5YzU2ZTI3ZDA0NGEyMjE3YTZiYzZmZjEwOTMyIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-b84e1f9d-ac65-4088-8ead-7651fc5a185f%22%2C%22lastActivity%22:1663188416802}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1663188416803}; _hjSessionUser_2895475=eyJpZCI6ImFkZDVhYjk1LWIyZTgtNTMyYi05MGUxLTkzM2M4OWE3ODQxYSIsImNyZWF0ZWQiOjE2NjMxODg0MTc5MDUsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_2895475=eyJpZCI6ImIyZWI0OTJmLTA1NjQtNDc3NS1iZDVlLTk4MDJmOTVkMGUxYiIsImNyZWF0ZWQiOjE2NjMxODg0MTc5NDAsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
location: https://delivery.attempt.ndelectric-dz.com/public/4kBIzYS1CsQZaMHHnvakeE7vnZX8l9N7
content-length: 290
content-type: text/html; charset=iso-8859-1
date: Wed, 14 Sep 2022 20:51:32 GMT
server: Apache
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/public/4kBIzYS1CsQZaMHHnvakeE7vnZX8l9N7
193.34.145.204508 Loop Detected 288 B URL HTTP/2 delivery.attempt.ndelectric-dz.com/public/4kBIzYS1CsQZaMHHnvakeE7vnZX8l9N7
IP 193.34.145.204:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ef220a553813acc9ede80405df3b7fd7
382fcf28d5b5ace81e818fa5a2f9c6d54eec179b
d3cffe9f37702e95b3702696987f93ab39922a033e06610275a82a7aae14c96a
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /public/4kBIzYS1CsQZaMHHnvakeE7vnZX8l9N7 HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://delivery.attempt.ndelectric-dz.com/public/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImhUU2FPd0hjZ28veHZxdUJRcWFUZHc9PSIsInZhbHVlIjoiRWhuYmJsdjA5TzI2VURLY2VOZjlpNkdBZ1lHdzhHRlRaaWVrOVkwVEhaR3NTZGZNR0grcHdRVUF2MlZsSUhnYXdxQWNkUVpYeEE1R3FyY2hpUjNmcGxYYUQ5dzN0OHdhRjJWd2ZsVlZvSjBmakMvWjMzUTduZDUwRVF4UmJMRTEiLCJtYWMiOiIwNDVkM2QxY2MwZTRkMjc0ODIzZTRjM2Q4MDY5MjQ0MDVkMTA0NWUzM2UyMzYxMWY1NmQ2ZWM1MzRiMTJkNzk0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ikk1aHdDMzBkdVJxUlVNelhjOGVoL0E9PSIsInZhbHVlIjoiSStBdjAxOUgza0padU9RYlByUTdTZDJvQUJFWGdQY05JcGxiMS93SzlNcmF6Z1FFdjJJS1hncGg2TDNpbEZCelFXZGYrRVA4eHJZdXZBZmlLYmgrOW1mRkxvOWdXdHNwUW5QelJ6cWJKSnUwa1BMN3VTekswQVZBZitxeG9lTmsiLCJtYWMiOiJjODhlZDA0OGI2MDYyODhjYTM3ZDY0YzNkZGE0MzgxNDJjNjI5YzU2ZTI3ZDA0NGEyMjE3YTZiYzZmZjEwOTMyIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-b84e1f9d-ac65-4088-8ead-7651fc5a185f%22%2C%22lastActivity%22:1663188416802}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1663188416803}; _hjSessionUser_2895475=eyJpZCI6ImFkZDVhYjk1LWIyZTgtNTMyYi05MGUxLTkzM2M4OWE3ODQxYSIsImNyZWF0ZWQiOjE2NjMxODg0MTc5MDUsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_2895475=eyJpZCI6ImIyZWI0OTJmLTA1NjQtNDc3NS1iZDVlLTk4MDJmOTVkMGUxYiIsImNyZWF0ZWQiOjE2NjMxODg0MTc5NDAsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 508 Loop Detected
retry-after: 14400
content-length: 288
content-type: text/html
date: Wed, 14 Sep 2022 20:51:32 GMT
server: Apache
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/favicon.ico
193.34.145.204200 OK 0 B URL HTTP/2 delivery.attempt.ndelectric-dz.com/favicon.ico
IP 193.34.145.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish DHL Airways, Inc.
GET /favicon.ico HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/public/4kBIzYS1CsQZaMHHnvakeE7vnZX8l9N7
Cookie: XSRF-TOKEN=eyJpdiI6ImhUU2FPd0hjZ28veHZxdUJRcWFUZHc9PSIsInZhbHVlIjoiRWhuYmJsdjA5TzI2VURLY2VOZjlpNkdBZ1lHdzhHRlRaaWVrOVkwVEhaR3NTZGZNR0grcHdRVUF2MlZsSUhnYXdxQWNkUVpYeEE1R3FyY2hpUjNmcGxYYUQ5dzN0OHdhRjJWd2ZsVlZvSjBmakMvWjMzUTduZDUwRVF4UmJMRTEiLCJtYWMiOiIwNDVkM2QxY2MwZTRkMjc0ODIzZTRjM2Q4MDY5MjQ0MDVkMTA0NWUzM2UyMzYxMWY1NmQ2ZWM1MzRiMTJkNzk0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ikk1aHdDMzBkdVJxUlVNelhjOGVoL0E9PSIsInZhbHVlIjoiSStBdjAxOUgza0padU9RYlByUTdTZDJvQUJFWGdQY05JcGxiMS93SzlNcmF6Z1FFdjJJS1hncGg2TDNpbEZCelFXZGYrRVA4eHJZdXZBZmlLYmgrOW1mRkxvOWdXdHNwUW5QelJ6cWJKSnUwa1BMN3VTekswQVZBZitxeG9lTmsiLCJtYWMiOiJjODhlZDA0OGI2MDYyODhjYTM3ZDY0YzNkZGE0MzgxNDJjNjI5YzU2ZTI3ZDA0NGEyMjE3YTZiYzZmZjEwOTMyIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-b84e1f9d-ac65-4088-8ead-7651fc5a185f%22%2C%22lastActivity%22:1663188416802}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1663188416803}; _hjSessionUser_2895475=eyJpZCI6ImFkZDVhYjk1LWIyZTgtNTMyYi05MGUxLTkzM2M4OWE3ODQxYSIsImNyZWF0ZWQiOjE2NjMxODg0MTc5MDUsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_2895475=eyJpZCI6ImIyZWI0OTJmLTA1NjQtNDc3NS1iZDVlLTk4MDJmOTVkMGUxYiIsImNyZWF0ZWQiOjE2NjMxODg0MTc5NDAsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Mar 2022 03:35:56 GMT
accept-ranges: bytes
content-length: 0
content-type: image/x-icon
date: Wed, 14 Sep 2022 20:51:32 GMT
server: Apache
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/public/gSVyz9XHCCYv5DXigOSnZRzaTo36bi8w
193.34.145.204302 Found 0 B URL HTTP/2 delivery.attempt.ndelectric-dz.com/public/gSVyz9XHCCYv5DXigOSnZRzaTo36bi8w
IP 193.34.145.204:0
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /public/gSVyz9XHCCYv5DXigOSnZRzaTo36bi8w HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlEzaGVNNzhEb0pBVVZURWhMdG1pS2c9PSIsInZhbHVlIjoiU0hCZDFVTlNZaU1aamtwSmtraWhTRVpDNXAyYkYxdncrM1lRZDB3aUdEZis0d295T2kzQytOL0JmS2t1eG53Ny9tTUtBU25tay9pOEJERlpJeUZKUHp3aHU2Yk5tbXBwNDBrYXNCKzZKcjltZ01LUVR3WDY3RlB3VllQeXJmSUkiLCJtYWMiOiIwZGZhZDkwZGYwZGEwNzVmYzNmZTc5NzZiYWYwNDY2MzJhYzI1NTAyMDVmZTBkMjA4M2UyODNjZTBiNGFhM2Y2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkV6VTNHdUpDVWFmTlJYLzkyK3RRMVE9PSIsInZhbHVlIjoiNWMvSEwxc3owL29qYTNoRTQ4OElXNkYyb3Y5SVJvVW1XcEJ0QW9WVDJQd2dwdzVSeGlLUU8vNU1jRXAzL2RSeXBDdDBOZFVDNU92d2NqNm5hSXpvNnIxWmpWNUV2bE81VFEyMUcyZjZXZnQzbmE4QnJ4YzhvaVhqNmhJcFlzeTgiLCJtYWMiOiJiMDkwYzJkNmE5NjUyNjI1N2VmMGY1MTdiYjYzODdhMDllOTk5M2U4ODhkMGU4MzVlYjk5NDBiMzY4ZmE2ZDIyIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-b84e1f9d-ac65-4088-8ead-7651fc5a185f%22%2C%22lastActivity%22:1663188416802}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1663188416803}; _hjSessionUser_2895475=eyJpZCI6ImFkZDVhYjk1LWIyZTgtNTMyYi05MGUxLTkzM2M4OWE3ODQxYSIsImNyZWF0ZWQiOjE2NjMxODg0MTc5MDUsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_2895475=eyJpZCI6ImIyZWI0OTJmLTA1NjQtNDc3NS1iZDVlLTk4MDJmOTVkMGUxYiIsImNyZWF0ZWQiOjE2NjMxODg0MTc5NDAsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
cache-control: no-cache, private
date: Wed, 14 Sep 2022 20:51:28 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IkUxVEpEYTJSQlJ5YWwwR25udlR1NGc9PSIsInZhbHVlIjoib3dUZklsMmVRWkRXRWE5dVducjRPOGd4ZXppSlNLTFpuZFk1SGl2eGxSSnVZYXBpSzcrREM4cVFvbmx2V0FhczI0dnB6aVRkMHJOODFZYU0rbXJDRElXWTJ0K0wxaTZOTFZ1OHRxMjF6cHd5cWdVWFV1bmVpaDI1d2pXMW9KVFUiLCJtYWMiOiJmYzg1OGIxZjAxMzNiMzE4YzU1NmUxMzNhMjdkZGMxZWY5YTk4MmZjZWE5YWRlZDczNGY5ODU5YTc5ZWI3YTBmIiwidGFnIjoiIn0%3D; expires=Wed, 14-Sep-2022 22:51:30 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6ImtoM3lYaHo1bk9nVDBJQUhYdThkY2c9PSIsInZhbHVlIjoiSzVqK0w4bXhRbllQbXBxY2p6a3lPTzREVXFrNk5mQzRkYUdwZlJtSmZwRUZSWTUyZ1M2bC91VHNlM3RSVVozbXI2RURURmpQbkprdndXajFjR2dnRjFicmtURUZsdm54OXFtY2hDWExpaUxrR1VSVVIwbVVBQkkva2N5c3U1Tm8iLCJtYWMiOiJjMWU0MjJiZjYyMWU4ODQ1ZjFjNzQxMWY2NzcwZTllNmMyNTdmZDU5YTQ2ZjNjMWZiYjY0YTVlN2U0ZTlhZmY1IiwidGFnIjoiIn0%3D; expires=Wed, 14-Sep-2022 22:51:30 GMT; Max-Age=7200; path=/; httponly; samesite=lax
location: https://delivery.attempt.ndelectric-dz.com/public
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/public/
193.34.145.204200 OK 0 B URL HTTP/2 delivery.attempt.ndelectric-dz.com/public/
IP 193.34.145.204:0
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /public/ HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkUxVEpEYTJSQlJ5YWwwR25udlR1NGc9PSIsInZhbHVlIjoib3dUZklsMmVRWkRXRWE5dVducjRPOGd4ZXppSlNLTFpuZFk1SGl2eGxSSnVZYXBpSzcrREM4cVFvbmx2V0FhczI0dnB6aVRkMHJOODFZYU0rbXJDRElXWTJ0K0wxaTZOTFZ1OHRxMjF6cHd5cWdVWFV1bmVpaDI1d2pXMW9KVFUiLCJtYWMiOiJmYzg1OGIxZjAxMzNiMzE4YzU1NmUxMzNhMjdkZGMxZWY5YTk4MmZjZWE5YWRlZDczNGY5ODU5YTc5ZWI3YTBmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImtoM3lYaHo1bk9nVDBJQUhYdThkY2c9PSIsInZhbHVlIjoiSzVqK0w4bXhRbllQbXBxY2p6a3lPTzREVXFrNk5mQzRkYUdwZlJtSmZwRUZSWTUyZ1M2bC91VHNlM3RSVVozbXI2RURURmpQbkprdndXajFjR2dnRjFicmtURUZsdm54OXFtY2hDWExpaUxrR1VSVVIwbVVBQkkva2N5c3U1Tm8iLCJtYWMiOiJjMWU0MjJiZjYyMWU4ODQ1ZjFjNzQxMWY2NzcwZTllNmMyNTdmZDU5YTQ2ZjNjMWZiYjY0YTVlN2U0ZTlhZmY1IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-b84e1f9d-ac65-4088-8ead-7651fc5a185f%22%2C%22lastActivity%22:1663188416802}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1663188416803}; _hjSessionUser_2895475=eyJpZCI6ImFkZDVhYjk1LWIyZTgtNTMyYi05MGUxLTkzM2M4OWE3ODQxYSIsImNyZWF0ZWQiOjE2NjMxODg0MTc5MDUsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_2895475=eyJpZCI6ImIyZWI0OTJmLTA1NjQtNDc3NS1iZDVlLTk4MDJmOTVkMGUxYiIsImNyZWF0ZWQiOjE2NjMxODg0MTc5NDAsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, private
date: Wed, 14 Sep 2022 20:51:30 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6ImhUU2FPd0hjZ28veHZxdUJRcWFUZHc9PSIsInZhbHVlIjoiRWhuYmJsdjA5TzI2VURLY2VOZjlpNkdBZ1lHdzhHRlRaaWVrOVkwVEhaR3NTZGZNR0grcHdRVUF2MlZsSUhnYXdxQWNkUVpYeEE1R3FyY2hpUjNmcGxYYUQ5dzN0OHdhRjJWd2ZsVlZvSjBmakMvWjMzUTduZDUwRVF4UmJMRTEiLCJtYWMiOiIwNDVkM2QxY2MwZTRkMjc0ODIzZTRjM2Q4MDY5MjQ0MDVkMTA0NWUzM2UyMzYxMWY1NmQ2ZWM1MzRiMTJkNzk0IiwidGFnIjoiIn0%3D; expires=Wed, 14-Sep-2022 22:51:32 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Ikk1aHdDMzBkdVJxUlVNelhjOGVoL0E9PSIsInZhbHVlIjoiSStBdjAxOUgza0padU9RYlByUTdTZDJvQUJFWGdQY05JcGxiMS93SzlNcmF6Z1FFdjJJS1hncGg2TDNpbEZCelFXZGYrRVA4eHJZdXZBZmlLYmgrOW1mRkxvOWdXdHNwUW5QelJ6cWJKSnUwa1BMN3VTekswQVZBZitxeG9lTmsiLCJtYWMiOiJjODhlZDA0OGI2MDYyODhjYTM3ZDY0YzNkZGE0MzgxNDJjNjI5YzU2ZTI3ZDA0NGEyMjE3YTZiYzZmZjEwOTMyIiwidGFnIjoiIn0%3D; expires=Wed, 14-Sep-2022 22:51:32 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
files.killbot.org/.cdn-cgi/killbot-security.js
104.21.11.160404 Not Found 0 B URL HTTP/2 files.killbot.org/.cdn-cgi/killbot-security.js
IP 104.21.11.160:0
GET /.cdn-cgi/killbot-security.js HTTP/1.1
Host: files.killbot.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 14 Sep 2022 20:51:32 GMT
content-type: text/html
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
cache-control: max-age=14400
cf-cache-status: HIT
age: 68
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgBx9k6KImOdjcMFxgBYgBMzwYO43gUPrQZqTpuAx%2BhDdvvbEylom6y1v9W3pESk85yq7LrXebQnVQGsyQOtwIyRNNMzaJrW6KUzcgjLhwLkgV3M2ENsWj6UnqRbbkqqqI%2Ff9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ac0051eb221c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2