Report - bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/

Report Overview

Submitted URL
bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/
IP
209.94.90.1
ASN
#40680 PROTOCOL
Submitted
2023-03-13 18:13:57
Access
public
Website Title
Final URL
Tags
suspicious
urlquery detections
Suspicious - JavaScript obfusction

Detections

urlquery
4
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
icons.iconarchive.com	80681	2012-06-20T08:07:40Z	2023-03-25T19:34:53Z	332 B	4.7 kB	104.21.233.186
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-24T18:17:07Z	606 B	127 B	52.40.48.115
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-24T16:33:49Z	3.2 kB	45 kB	34.120.237.76
bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link	unknown	2022-08-25T16:54:26Z	2023-03-23T18:00:02Z	1.4 kB	2.5 kB	209.94.90.1
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-24T18:14:23Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-24T18:20:20Z	413 B	5.9 kB	34.160.144.191
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T05:09:02Z	3.0 kB	8.0 kB	23.36.76.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-25T05:09:25Z	333 B	391 B	34.117.237.239
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-25T05:10:03Z	425 B	80 kB	69.16.175.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-03-12	medium	bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/	Office365
2023-03-12	medium	bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/	Office365
2023-03-12	medium	bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/	Office365

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-13	medium	bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/	Phishing
2023-03-13	medium	bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/index_files/myscr584876.js.download	Phishing
2023-03-13	medium	bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/	398 B	2023-03-07	2024-04-17
Pretty URL bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/ IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:11 Last Seen2024-04-17 16:23:00 Times Seen151 Hash fafcfcaea3b48bed0fb8e413bbdcb63b 5511b3d584a075447473b3442a8f6848420cc28f 1dd3fbbb59c962bf8cd419fa4a65f60790c8c7eeea8874b4f3acc3e14a31a9ff Loading...

	code.jquery.com/jquery-1.9.1.js	268 kB	2023-03-07	2024-04-25
Pretty URL code.jquery.com/jquery-1.9.1.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:57 Last Seen2024-04-25 01:34:41 Times Seen43952 Hash 08c235d357750c657ac1db7d1cf656a9 9257afd2d46c3a189ec0d40a45722701d47e9ca5 7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40 Loading...

	bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/	1.4 kB	2023-03-07	2023-04-17
Pretty URL bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/ IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:59:39 Last Seen2023-04-17 19:40:00 Times Seen4 Hash 62a1fc0075893cf66cb820da5be5e066 0b1555be4d19d42ecc87e9594a0ac0d66fd83643 b4dac3ce4e12096d537133d4a8448a21aea72c90da5aabd01f6d17bf0672adc6 Loading...

	bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/	112 kB	2023-03-12	2023-07-19
Pretty URL bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/ IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:20:14 Last Seen2023-07-19 14:59:43 Times Seen6 Hash bae378ece4047b8a8bd446e5f0b64832 a023b2bf3a8d544bea481020e4c5a2911019fb7f 4d369964711f52264b7a67e861b2c3dbdbf1d7595bcf146449a3986e3a7c62af Loading...

		Size	First Seen	Last Seen
	#1 Write - 07ba30247f1bc9d19f1b0f05cd05b38e	37 kB	2023-03-12	2023-07-19
Pretty Observations First Seen2023-03-12 14:20:14 Last Seen2023-07-19 14:59:43 Times Seen6 Hash 07ba30247f1bc9d19f1b0f05cd05b38e 3547458d81588e3c1011745c38eab85aa1b15b17 6fc0dab2c0460d8cd1fd5c1bd8112844d49c29572ee879e52c2bf6ea812e20cc Loading...

HTTP Transactions (25)

URL IP Response Size

bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/

209.94.90.1

301 Moved Permanently

166 B

URL HTTP/1.1
bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/
IP
209.94.90.1:0
ASN
#40680 PROTOCOL

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
166 B (166 bytes)
Hash
3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - JavaScript obfusction
openphish	Office365
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: openresty
Date: Mon, 13 Mar 2023 18:13:46 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
Access-Control-Expose-Headers: Content-Range, X-Chunked-Output, X-Stream-Output
X-IPFS-LB-POP: gateway-bank2-fr2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e7a9cb518d929d10c471394adc89cdfa
d609cb0d94e645141ab1372f19c014c1b00b83af
200db48dd5e87cba8dc962e8981f72def9c12e21d5a417361c4f77425e55597a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "200DB48DD5E87CBA8DC962E8981F72DEF9C12E21D5A417361C4F77425E55597A"
Last-Modified: Sun, 12 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8739
Expires: Mon, 13 Mar 2023 20:39:25 GMT
Date: Mon, 13 Mar 2023 18:13:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
234b80a5a27f3d377e322e680413479d
3da8ba535ec19898f5b83ece48cd4038ac2bf557
370104df5dd8f739601a4be42ae41bb92f365dcf585823a3c14733f7c394e926

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "370104DF5DD8F739601A4BE42AE41BB92F365DCF585823A3C14733F7C394E926"
Last-Modified: Sun, 12 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7533
Expires: Mon, 13 Mar 2023 20:19:19 GMT
Date: Mon, 13 Mar 2023 18:13:46 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 13 Mar 2023 17:14:09 GMT
content-type: application/json
age: 3577
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae4d7bec26e013433e638f87260aa632
62384e39bc90d0b2ab92895220f0383e678669f4
b704031d560770485c9552dcf56b911b7b5ad45d8a3f73acd17dbbbeeff294f4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B704031D560770485C9552DCF56B911B7B5AD45D8A3F73ACD17DBBBEEFF294F4"
Last-Modified: Sun, 12 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3097
Expires: Mon, 13 Mar 2023 19:05:23 GMT
Date: Mon, 13 Mar 2023 18:13:46 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: dbOLWiSq31GTTyImrsh0yOgLYnPhegb04Que/vhYonP2e4BgxdU1yZ6quMJrhXTSZL1T7Y2trxc=
x-amz-request-id: BEDC91M7KV0NV0J1
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 13 Mar 2023 17:46:28 GMT
age: 1638
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2643f403a8cf68b661885f291bbeb23
ae0a41f130f50892c7d6e519f313a6697db70871
744c441e127e0f29576a9630f3f57af70204dbd19fa41e922d422214e4611c0e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "744C441E127E0F29576A9630F3F57AF70204DBD19FA41E922D422214E4611C0E"
Last-Modified: Sun, 12 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15817
Expires: Mon, 13 Mar 2023 22:37:24 GMT
Date: Mon, 13 Mar 2023 18:13:47 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 13 Mar 2023 18:13:47 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/index_files/myscr584876.js.download

209.94.90.1

404 Not Found

213 B

URL HTTP/2
bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/index_files/myscr584876.js.download
IP
209.94.90.1:0
ASN
#40680 PROTOCOL

File type
ASCII text
Size
213 B (213 bytes)
Hash
e0e6de2a31c10e84eab20cf89ca76729
1e52ff953b8adb47dcd97877c24e64a84b077bac
51f56d930536f5afaa9e5523fef1f48a343a4bf70c0193cf99546f9d5bc228a6

Detections

Analyzer	Verdict	Alert
openphish	Office365
fortinet	Phishing

HTTP Headers

GET /index_files/myscr584876.js.download HTTP/1.1
Host: bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: openresty
date: Mon, 13 Mar 2023 18:13:47 GMT
content-type: text/plain; charset=utf-8
content-length: 213
x-content-type-options: nosniff
x-ipfs-pop: ipfs-bank14-fr2
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
x-ipfs-lb-pop: gateway-bank3-fr2
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

code.jquery.com/jquery-1.9.1.js

69.16.175.42

200 OK

80 kB

URL HTTP/2
code.jquery.com/jquery-1.9.1.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text
Size
80 kB (79506 bytes)
Hash
eedaa99c27efeaaa889e7671884046dd
a72f2a0c82eeb4a52176da1c0f3f3befe6962af3
e133174bc002d07e9e0fa328597b96cb4d0619f06d90813ed8363f234425dbc9

HTTP Headers

GET /jquery-1.9.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 13 Mar 2023 18:13:47 GMT
content-encoding: gzip
content-length: 79506
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-4185d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1678731227.dop022.sk1.t,1678731227.cds022.sk1.hn,1678731227.cds260.sk1.c
X-Firefox-Spdy: h2

icons.iconarchive.com/icons/dakirby309/simply-styled/256/Microsoft-SharePoint-2013-icon.png

104.21.233.186

200 OK

4.0 kB

URL HTTP/1.1
icons.iconarchive.com/icons/dakirby309/simply-styled/256/Microsoft-SharePoint-2013-icon.png
IP
104.21.233.186:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
4.0 kB (4033 bytes)
Hash
3a583cb9b1e02f29498c63dcf6422f68
dc055fd8bc58c384e2d00a677d9581acf5e4775e
98af5967761222708dc79f43df493e4cc2e085376bf8d50be5560d6c6e1fa7de

HTTP Headers

GET /icons/dakirby309/simply-styled/256/Microsoft-SharePoint-2013-icon.png HTTP/1.1
Host: icons.iconarchive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Mon, 13 Mar 2023 18:13:47 GMT
Content-Type: image/png
Content-Length: 4033
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 10:06:28 GMT
ETag: "63e222a4-fc1"
Cache-Control: max-age=5356800
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2fr0N9l%2FloECka%2FA5e9ma3nCtFnudjo1ca%2FXXWOSdMpA29gdKBm6rcsZPxszXWYcIXr0f%2BUAZpAqRi%2FLKn3iK59HgCsZsvg9HqNxhrz5rsxicLpqezaF%2Bz5oj3Aj4u42G7qAH3DRXI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a7640bb5f39417f-LHR
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Pragma, Last-Modified, ETag, Retry-After, Cache-Control, Content-Type, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 13 Mar 2023 18:06:47 GMT
age: 420
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b426c61dbf49129b0554669c6666e025
6b329663868aac72e296a4c594d46b542f7003e7
6349d43a437729d91c0739616283458cbc123bd6d056522f68cd48b89364ea95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6349D43A437729D91C0739616283458CBC123BD6D056522F68CD48B89364EA95"
Last-Modified: Sun, 12 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15419
Expires: Mon, 13 Mar 2023 22:30:46 GMT
Date: Mon, 13 Mar 2023 18:13:47 GMT
Connection: keep-alive

push.services.mozilla.com/

52.40.48.115

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.40.48.115:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FOaBgwsiJmwCedxTF8AbMA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6MJmZS+VzrQ1zD4/oXUqP8fjv0U=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7624
Expires: Mon, 13 Mar 2023 20:20:53 GMT
Date: Mon, 13 Mar 2023 18:13:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7624
Expires: Mon, 13 Mar 2023 20:20:53 GMT
Date: Mon, 13 Mar 2023 18:13:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7624
Expires: Mon, 13 Mar 2023 20:20:53 GMT
Date: Mon, 13 Mar 2023 18:13:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7624
Expires: Mon, 13 Mar 2023 20:20:53 GMT
Date: Mon, 13 Mar 2023 18:13:49 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4512 bytes)
Hash
26033b42139d27c847cf9881a17e0332
b196fbef36c2a5242abfc5d7115f1efd39499453
028dd1c86eaab6b991ad3dcb7fda21cdcfe8f9b22155c6bcb9363fbe379096ec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4512
x-amzn-requestid: e9ba0dc3-3e1a-4ff5-8d0d-57386ced2fb1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BotIeGZ-IAMFmBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf569-1a45fa73148fb01f3822ee29;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:40:57 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Wqeeb_wUrrQ62pbbReffhKWx1NeYL67CGmOFZgV-c5BD-JrbB1ud1g==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 21:40:57 GMT
age: 73972
etag: "b196fbef36c2a5242abfc5d7115f1efd39499453"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d465bda-e8f7-498a-8b8e-9fd8f5a4e863.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10872 bytes)
Hash
cc6b9225b635519ff0e90400781c6676
e576ab2c5b08780162d104a060c873f52b221538
6dfe0bff6f08723604b2e4805b53dbc1907a8e6f7f56b06c110fbb8f344034d6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d465bda-e8f7-498a-8b8e-9fd8f5a4e863.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10872
x-amzn-requestid: a67f345f-0aa8-4802-878c-0a0c6a3fd839
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BpyS7EvVIAMFgBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640d6412-1a18587d039d312d10829c20;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 05:33:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: TM6z8u4avm7DTwM3lCC5eEyAWlprm41CmTH-_u3LIYaMXsvSL67e8A==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 22:17:12 GMT
age: 71797
etag: "e576ab2c5b08780162d104a060c873f52b221538"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bf0ac20-16ad-460d-8fcb-a873994d420a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5853 bytes)
Hash
bbfef97312a1bc4792615717a63a48ba
1008882db3829f830b0f58c9c5b09792e844a31b
2b096364b450b4845252b7a22a9f9aadadf220e7a6a4134558647d308529d2a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bf0ac20-16ad-460d-8fcb-a873994d420a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5853
x-amzn-requestid: c8b1593f-4bd9-452d-a904-87b58194d599
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Br_WlHEwoAMFyqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640e45c3-461a986e5a5544cf574899e4;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 21:36:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C6xTwOtJHWOoB4SIZ7qDzhmjdyRpZtrJEQ4iSWw5SHWVIKSxfirSCw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 22:13:56 GMT
age: 71993
etag: "1008882db3829f830b0f58c9c5b09792e844a31b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde56a182-6d55-402d-b240-1fe8746a0a76.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4743 bytes)
Hash
780098f209d535b5c802e280f41c2ed7
6d895fec65f4d11af82d1a417fdec5d2df2a9cd1
5b66b48774c284e271f0e4938e304b98e8e3642c9e479768b64fe4186055e886

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde56a182-6d55-402d-b240-1fe8746a0a76.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4743
x-amzn-requestid: 307f30a9-ba32-4ff5-a987-990d05f07b64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BpjcvEHvIAMFR-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640d4c51-3f20ae277aa76e175a7a3c44;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 03:51:45 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: GK32TQleZvqJHU-cz2Je8NZ9Bs3VPw0qaWuLVsWRK_o5WQxzwQvjKA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 22:17:15 GMT
age: 71794
etag: "6d895fec65f4d11af82d1a417fdec5d2df2a9cd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4985a20c-c5c5-46f5-87f2-600b40b9691d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6857 bytes)
Hash
193459785f7b9edc4c0407e12d61670d
69158749f88794aa299b565ff56478652adb34b9
22fc0bc65444635237b1d616240526823193e94a6ad567985c5db416deb315ea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4985a20c-c5c5-46f5-87f2-600b40b9691d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6857
x-amzn-requestid: abeb0887-c368-4222-998f-5509c4e2b8ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BezeuEHmIAMFkqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6408ff91-6650e7e10a8691ad059e5731;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 21:35:13 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: NjmaNa9Ou7mi0l7BJhesl-101jcnNK3wzNPkauRpW9jv2DNl4fHLuA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 22:07:40 GMT
age: 72369
etag: "69158749f88794aa299b565ff56478652adb34b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6dda5706-64c5-467d-9645-a46dedb81818.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6053 bytes)
Hash
6a4d6ee7d459e2a9b742d0dbca932998
eada4a4de40e5035173bb18ee51aacd624b8b169
2e6eef4f452ef3700d4c9d06e8c3bf8999e077e24c332ab4670edd0884839d38

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6dda5706-64c5-467d-9645-a46dedb81818.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6053
x-amzn-requestid: 5f306311-ac84-4ce2-b9c2-6af31c110062
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bosb-FD5oAMFwJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf44c-61fea28e45516fad0d30cf65;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:36:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: tR-qn6sx9NxkJ-_iBwhflo6MQ7iz_VMAIkGaxDnU2s89NnKv99o9bA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 22:09:20 GMT
age: 72269
etag: "eada4a4de40e5035173bb18ee51aacd624b8b169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/

209.94.90.1

200 OK

0 B

URL HTTP/2
bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link/
IP
209.94.90.1:0
ASN
#40680 PROTOCOL

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - JavaScript obfusction
openphish	Office365
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u.ipfs.dweb.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: openresty
date: Mon, 13 Mar 2023 18:13:47 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u"
x-ipfs-gateway-host: ipfs-bank16-fr2
x-ipfs-path: /ipfs/bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u/
x-ipfs-roots: bafybeihj3aggnoapzas67usgahfzx4jfcy52ngxqlrnawp5qoajkfnty7u
x-ipfs-pop: ipfs-bank16-fr2
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
x-ipfs-lb-pop: gateway-bank3-fr2
x-proxy-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (25)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2