Report - s.sloffer1.com/44543/7383/23465/?aff_sub4=ALGO_bucket&aff_sub=REDIRECTED_FROM_LEGACY_LANDING_PAGES&aff_sub2=7114&aff_sub3=wa40ojkk30af1nfli0teaj6a&source=102911fbe423696e9e213ac4c58b82&bo=2753,2754,2755,2756&aff_sub5=_{host}&aff_unique5=7114

Report Overview

Submitted URL
s.sloffer1.com/44543/7383/23465/?aff_sub4=ALGO_bucket&aff_sub=REDIRECTED_FROM_LEGACY_LANDING_PAGES&aff_sub2=7114&aff_sub3=wa40ojkk30af1nfli0teaj6a&source=102911fbe423696e9e213ac4c58b82&bo=2753,2754,2755,2756&aff_sub5=_{host}&aff_unique5=7114_{host}
IP
52.1.220.62
ASN
#14618 AMAZON-AES
Submitted
2022-12-27 15:58:57
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
t.crdefault.link	674725	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	655 B	3.1 kB	54.230.111.117
a.vfgtf.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	903 B	1.0 kB	18.192.108.151
jwbvdz.exceilentdate.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	879 B	63.32.216.166
detectportal.firefox.com	1601	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	428 B	34.107.221.82
s.sloffer1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	4.4 kB	3.218.135.42
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	836 B	1.5 kB	142.250.74.106
getpocket.cdn.mozilla.net	1369	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	35 kB	34.120.5.221
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.7 kB	197 kB	35.241.9.150
shavar.services.mozilla.com	3602	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	453 B	204 B	35.162.174.146
cdn-dimi.akamaized.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	184 kB	184.31.15.67
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.1 kB	142.250.74.131
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	70 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	18 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.82.246.186

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-27	medium	jwbvdz.exceilentdate.com/ortb	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	jwbvdz.exceilentdate.com/?s1=120749&s2=1506505&s3=44542&s5=backuser&click_id=1028a8f5be97f68be84b44a1ff6cd5&iexpp=1&j1=1&j5=1&j9=1&utm_source=1e3a4e532f1c7040&j8=1	59 B	2023-03-07	2024-02-05
Pretty URL jwbvdz.exceilentdate.com/?s1=120749&s2=1506505&s3=44542&s5=backuser&click_id=1028a8f5be97f68be84b44a1ff6cd5&iexpp=1&j1=1&j5=1&j9=1&utm_source=1e3a4e532f1c7040&j8=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-02-05 05:17:29 Times Seen226 Hash 1c60fafc35ecacdc565eb89ea49d4031 4078fa60124cff253aa8393e5862dda6661291c3 401ad5bdcf3096e609228faad2bf8374f1452257dec27f207d36f0c2d9633158 Loading...

	jwbvdz.exceilentdate.com/?s1=120749&s2=1506505&s3=44542&s5=backuser&click_id=1028a8f5be97f68be84b44a1ff6cd5&iexpp=1&j1=1&j5=1&j9=1&utm_source=1e3a4e532f1c7040&j8=1	25 B	2023-03-07	2024-02-05
Pretty URL jwbvdz.exceilentdate.com/?s1=120749&s2=1506505&s3=44542&s5=backuser&click_id=1028a8f5be97f68be84b44a1ff6cd5&iexpp=1&j1=1&j5=1&j9=1&utm_source=1e3a4e532f1c7040&j8=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:52 Last Seen2024-02-05 05:17:29 Times Seen574 Hash 2d41d60a42497a65eec45b94de3c8bba ae34889e77f52741f04772e8ea5a012b45f1fb69 28cff31264d4ffb57f25808f303a8e26c94ff6eb2337314d471c5a936d433dba Loading...

	jwbvdz.exceilentdate.com/?utm_source=1e3a4e532f1c7040&s1=120749&s2=1506505&s3=44542&s5=44543_102911fbe423696e9e213ac4c58b82&click_id=1028a8f5be97f68be84b44a1ff6cd5&j1=1&j5=1&j8=1&j9=1	7.5 kB	2023-03-12	2023-03-12
Pretty URL jwbvdz.exceilentdate.com/?utm_source=1e3a4e532f1c7040&s1=120749&s2=1506505&s3=44542&s5=44543_102911fbe423696e9e213ac4c58b82&click_id=1028a8f5be97f68be84b44a1ff6cd5&j1=1&j5=1&j8=1&j9=1 IP 63.32.216.166 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:17:08 Last Seen2023-03-12 09:17:08 Times Seen1 Hash 835589353d26db13ba736b07dc676711 1a2f7ac8c0c4a1a6d679f651aac20c16781ad59f 598e30622246a071d7ff616fbe21dc588cebd022fa8a843eefe01f12eb8113c9 Loading...

	cdn-dimi.akamaized.net/landings/277388/1669909893/js/translates.js?1669909893	94 kB	2023-03-08	2024-01-10
Pretty URL cdn-dimi.akamaized.net/landings/277388/1669909893/js/translates.js?1669909893 IP 184.31.15.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:04:14 Last Seen2024-01-10 05:28:35 Times Seen157 Hash 6324d6d9c30698e2157f74377a990e7c 3b7c380976b00a575974331a504d6210e3487d46 9d77e7d57912503d2d2572abd42e13e5fdb0b7841247837739418e1e6ba853aa Loading...

	cdn-dimi.akamaized.net/landings/277388/1669909893/js/translate-popup-timer.js?1669909893	3.3 kB	2023-03-08	2024-04-18
Pretty URL cdn-dimi.akamaized.net/landings/277388/1669909893/js/translate-popup-timer.js?1669909893 IP 184.31.15.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:41 Last Seen2024-04-18 00:29:12 Times Seen288 Hash e87a84612ebce6b2a84f41ef7f6d40b0 fa22c93e2d9672f9d3d7e52304ffbb9425d49186 6ab40ce148d5bd7e60bcfb447765c7f54394e318da80970c8b636d2d5fe122ec Loading...

	cdn-dimi.akamaized.net/landings/277388/1669909893/js/translates-review.js?1669909893	40 kB	2023-03-07	2024-01-10
Pretty URL cdn-dimi.akamaized.net/landings/277388/1669909893/js/translates-review.js?1669909893 IP 184.31.15.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:56 Last Seen2024-01-10 05:28:35 Times Seen157 Hash 1933dcd305e29148845fdd372197ee4a 3b985ad139982707a0837ca6a9b97dfcf5586781 44a4ec30717833773be4c3d4bd6e23fc273599d631a489951a1ffeded7bcb0a0 Loading...

	cdn-dimi.akamaized.net/landings/277388/1669909893/js/title_tanslate.js?1669909893	3.0 kB	2023-03-08	2024-04-18
Pretty URL cdn-dimi.akamaized.net/landings/277388/1669909893/js/title_tanslate.js?1669909893 IP 184.31.15.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:05:28 Last Seen2024-04-18 00:29:12 Times Seen3623 Hash 5f373fa5bf21c44b9ad23b70ef96e73d 068ef5b63ab18924a286f2c0c3ec46545e08c678 7f40bc2c95ee280de5320ae7d33f2e57eeeb0cda5b5820f2c456a0c9ba50ed77 Loading...

	jwbvdz.exceilentdate.com/?s1=120749&s2=1506505&s3=44542&s5=backuser&click_id=1028a8f5be97f68be84b44a1ff6cd5&iexpp=1&j1=1&j5=1&j9=1&utm_source=1e3a4e532f1c7040&j8=1	46 B	2023-03-08	2023-03-13
Pretty URL jwbvdz.exceilentdate.com/?s1=120749&s2=1506505&s3=44542&s5=backuser&click_id=1028a8f5be97f68be84b44a1ff6cd5&iexpp=1&j1=1&j5=1&j9=1&utm_source=1e3a4e532f1c7040&j8=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:43 Last Seen2023-03-13 01:54:55 Times Seen1 Hash 0fd47ca79597882be2ae0790464a8f78 8e7eeb42fc0df517ab9a641dd7dd54cee9892b9b ef024e3d5e0e12b6cb7438ac07be21fedd70c15d33eb825a01647f945a1082ff Loading...

	jwbvdz.exceilentdate.com/?utm_source=1e3a4e532f1c7040&s1=120749&s2=1506505&s3=44542&s5=44543_102911fbe423696e9e213ac4c58b82&click_id=1028a8f5be97f68be84b44a1ff6cd5&j1=1&j5=1&j8=1&j9=1	378 B	2023-03-12	2023-03-12
Pretty URL jwbvdz.exceilentdate.com/?utm_source=1e3a4e532f1c7040&s1=120749&s2=1506505&s3=44542&s5=44543_102911fbe423696e9e213ac4c58b82&click_id=1028a8f5be97f68be84b44a1ff6cd5&j1=1&j5=1&j8=1&j9=1 IP 63.32.216.166 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:17:08 Last Seen2023-03-12 09:17:08 Times Seen1 Hash 033298884b630d8d1ee732d00c1549a8 4f3c753a7d1c6bad0489a9b8f025b2180a64eab1 c1228a5328f7cc449c714f9d01f82cb90a809ab79feffa25840d1e26e98cdb5a Loading...

	jwbvdz.exceilentdate.com/?s1=120749&s2=1506505&s3=44542&s5=backuser&click_id=1028a8f5be97f68be84b44a1ff6cd5&iexpp=1&j1=1&j5=1&j9=1&utm_source=1e3a4e532f1c7040&j8=1	1.1 kB	2023-03-08	2024-02-05
Pretty URL jwbvdz.exceilentdate.com/?s1=120749&s2=1506505&s3=44542&s5=backuser&click_id=1028a8f5be97f68be84b44a1ff6cd5&iexpp=1&j1=1&j5=1&j9=1&utm_source=1e3a4e532f1c7040&j8=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:41 Last Seen2024-02-05 05:17:29 Times Seen184 Hash 6d6757e1046ede058d7eb5bd399fc6cb 758deeffba812b6cac1ec4f8ad186a302623a3fa f9fb6be0df8f67ff4099a0ecf8f946302b4c762d9e7dd5b8a430836343b8c229 Loading...

	jwbvdz.exceilentdate.com/?s1=120749&s2=1506505&s3=44542&s5=backuser&click_id=1028a8f5be97f68be84b44a1ff6cd5&iexpp=1&j1=1&j5=1&j9=1&utm_source=1e3a4e532f1c7040&j8=1	3.4 kB	2023-03-12	2023-03-12
Pretty URL jwbvdz.exceilentdate.com/?s1=120749&s2=1506505&s3=44542&s5=backuser&click_id=1028a8f5be97f68be84b44a1ff6cd5&iexpp=1&j1=1&j5=1&j9=1&utm_source=1e3a4e532f1c7040&j8=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:17:08 Last Seen2023-03-12 09:17:08 Times Seen1 Hash 7ccbaf422564b9f0619bea1968093a6a d85a7049c8c63ca5a9b1d2a5d6756fadc4ecf111 2be9ed0774bc2d14555c5ba5ac123846a0079208d2e5dec9b4cfc9c914020c3d Loading...

	jwbvdz.exceilentdate.com/?utm_source=1e3a4e532f1c7040&s1=120749&s2=1506505&s3=44542&s5=44543_102911fbe423696e9e213ac4c58b82&click_id=1028a8f5be97f68be84b44a1ff6cd5&j1=1&j5=1&j8=1&j9=1	2.1 kB	2023-03-12	2023-03-12
Pretty URL jwbvdz.exceilentdate.com/?utm_source=1e3a4e532f1c7040&s1=120749&s2=1506505&s3=44542&s5=44543_102911fbe423696e9e213ac4c58b82&click_id=1028a8f5be97f68be84b44a1ff6cd5&j1=1&j5=1&j8=1&j9=1 IP 63.32.216.166 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:17:08 Last Seen2023-03-12 09:17:08 Times Seen1 Hash b0fb12dc705f4811492ceef36684f0fb 12ff189a32ef8786aac5bbd6fa05547d8bfb3606 fecc595486e61196310846b4804d84eb49ca0f58e34c9bc931ca934671f8d7ac Loading...

	jwbvdz.exceilentdate.com/?utm_source=1e3a4e532f1c7040&s1=120749&s2=1506505&s3=44542&s5=44543_102911fbe423696e9e213ac4c58b82&click_id=1028a8f5be97f68be84b44a1ff6cd5&j1=1&j5=1&j8=1&j9=1	3.1 kB	2023-03-12	2023-03-12
Pretty URL jwbvdz.exceilentdate.com/?utm_source=1e3a4e532f1c7040&s1=120749&s2=1506505&s3=44542&s5=44543_102911fbe423696e9e213ac4c58b82&click_id=1028a8f5be97f68be84b44a1ff6cd5&j1=1&j5=1&j8=1&j9=1 IP 63.32.216.166 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:17:08 Last Seen2023-03-12 09:17:08 Times Seen1 Hash c9c109070c326a98704daec094f0ba73 3f01e7cd9b6a9fdbf33b6f01fb66f48675746650 a4490cb99c748eb7908a936d9c745a91b856d09a5232f26fcd63883280f5c110 Loading...

	cdn-dimi.akamaized.net/landings/277388/1669909893/js/jquery.validate.min.js?1669909893	24 kB	2023-03-07	2024-04-18
Pretty URL cdn-dimi.akamaized.net/landings/277388/1669909893/js/jquery.validate.min.js?1669909893 IP 184.31.15.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2024-04-18 00:29:12 Times Seen1728 Hash 23d73c6bd6cbea8f06d0cc227896a827 3815cf11e1020ac70cc86789ba2adaf07d3db434 6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7 Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 10:09:32 Times Seen36956118 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (76)

URL IP Response Size

detectportal.firefox.com/success.txt?ipv4

34.107.221.82

200 OK

8 B

URL HTTP/1.1
detectportal.firefox.com/success.txt?ipv4
IP
34.107.221.82:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
8 B (8 bytes)
Hash
ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

HTTP Headers

GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 26 Dec 2022 19:30:23 GMT
Age: 73698
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600

s.sloffer1.com/44543/7383/23465/?aff_sub4=ALGO_bucket&aff_sub=REDIRECTED_FROM_LEGACY_LANDING_PAGES&aff_sub2=7114&aff_sub3=wa40ojkk30af1nfli0teaj6a&source=102911fbe423696e9e213ac4c58b82&bo=2753,2754,2755,2756&aff_sub5=_{host}&aff_unique5=7114_{host}

3.218.135.42

303 See Other

564 B

URL HTTP/1.1
s.sloffer1.com/44543/7383/23465/?aff_sub4=ALGO_bucket&aff_sub=REDIRECTED_FROM_LEGACY_LANDING_PAGES&aff_sub2=7114&aff_sub3=wa40ojkk30af1nfli0teaj6a&source=102911fbe423696e9e213ac4c58b82&bo=2753,2754,2755,2756&aff_sub5=_{host}&aff_unique5=7114_{host}
IP
3.218.135.42:0
ASN
#14618 AMAZON-AES

File type
HTML document, ASCII text, with very long lines (564), with no line terminators
Size
564 B (564 bytes)
Hash
15f72ca4f7cd919c0a23bfe159ecee0e
d65bd97cd1e9856773adbbd91ef862672d4bff56
573c34b4306e17daa4a258a815fd6ef37ced4dc8ce78f938a294aac2c4c9b1af

HTTP Headers

GET /44543/7383/23465/?aff_sub4=ALGO_bucket&aff_sub=REDIRECTED_FROM_LEGACY_LANDING_PAGES&aff_sub2=7114&aff_sub3=wa40ojkk30af1nfli0teaj6a&source=102911fbe423696e9e213ac4c58b82&bo=2753,2754,2755,2756&aff_sub5=_{host}&aff_unique5=7114_{host} HTTP/1.1
Host: s.sloffer1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 303 See Other
Server: nginx/1.19.0
Date: Tue, 27 Dec 2022 15:58:41 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 564
Connection: keep-alive
set-cookie: aff_ran_url_7383=23465; Path=/; Expires=Wed, 28 Dec 2022 15:58:41 GMT; Secure
enc_aff_session_7324=ENC037148ffa9b6296e0eb7d72d9197ba7cb698a88fe3211e0b01d9f84f2aeadb3135ed0318aef5643b72ca3b3e0d0974a9286518f79da8eda7e9a8f68f2d2ed5696b445b44e4b104b65bcde3b998d85189a7a388f47618ecb7c64be86da1559026fe15f1ac749541a9e82ca6672d00236b860c862d1ee18db3c96d9dac817901a2e04f11402d3eb65b1d08484fc9c5df8fba970fb5f6ba9547367929ba53ace105241392731683cd3de0c2f5d3c13be479b1f575e3116d2594afa2b33f95454b3a2ec52f849f61b6ab86b27792173323e2ed5d7e93c1dcfeccecfefdf12f5de2b1e02e2510daabab92b7c04e50e6c052454e42c85526c0f904b25db259be5efd4c97123f4ce0; Path=/; Expires=Fri, 27 Jan 2023 15:58:41 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Fri, 21 Nov 2025 02:38:41 GMT; Secure
tracking_id: 102e1715a97a386d2ae3c20c37d8d7
location: https://t.crdefault.link/44543/1?aff_sub=REDIRECTED_FROM_LEGACY_LANDING_PAGES&aff_sub2=7114&aff_sub3=wa40ojkk30af1nfli0teaj6a&aff_sub4=ALGO_bucket&aff_sub5=_%7Bhost%7D&source=102911fbe423696e9e213ac4c58b82&bo=2753%2C2754%2C2755%2C2756
vary: Accept

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cff9d781009ede08cc5f4f62b501809e
2c999f69a940a9a3d9f6d13fe051a55c52398287
ac762850f8bdcaa671d4155e97a201bbd604ef89cecfad177509d492407e6986

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC762850F8BDCAA671D4155E97A201BBD604EF89CECFAD177509D492407E6986"
Last-Modified: Sun, 25 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8802
Expires: Tue, 27 Dec 2022 18:25:23 GMT
Date: Tue, 27 Dec 2022 15:58:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb20c18681040b740ab1730562beb45c
abedefb801b0e13987d6619a77e0368771f9dfcb
288c1832db391da57e3d74ffa893ec2c47ef9c1945f85b88473c563b55a3dfb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "288C1832DB391DA57E3D74FFA893EC2C47EF9C1945F85B88473C563B55A3DFB3"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10349
Expires: Tue, 27 Dec 2022 18:51:10 GMT
Date: Tue, 27 Dec 2022 15:58:41 GMT
Connection: keep-alive

getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30

34.120.5.221

200 OK

34 kB

URL HTTP/2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP
34.120.5.221:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (34505 bytes)
Hash
bf24814abb2e65561d42151b975ce594
1c37bf7b8af022921aeac32e93a74e69fd23ae53
a61f060a54b3774c3ff86664738982a79bb191f91b9526f27d44181dbbf2532f

HTTP Headers

GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: nU0UQRY4xshVHbyTvHCd0JOLQ1ihflCWBilsVH1WIQNg5ZF7MbQu-Q==
content-encoding: gzip
via: 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 15:46:09 GMT
age: 752
content-type: application/json
content-length: 34505
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b2d59bdbb1ca6324590988ec031cf1fc
bfd4e25af37dcde4bac38d9b178c5ac8e50f8834
cef2180120ef42ff09d54577229c058d41d2c569d485f5a6dcfadc74bf8aa647

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF2180120EF42FF09D54577229C058D41D2C569D485F5A6DCFADC74BF8AA647"
Last-Modified: Mon, 26 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5154
Expires: Tue, 27 Dec 2022 17:24:35 GMT
Date: Tue, 27 Dec 2022 15:58:41 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: FWitPBGO0iq/NWpgKXwmE86Ix75qR+vo0/q51uy1ek9MlNEB2f2+BxHHpZkBWlyND36zf8r/U04=
x-amz-request-id: 3GSQH5GWN7PAE425
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Dec 2022 15:27:09 GMT
age: 1892
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
67f508aae634a023b587a7129a5b8039
2ff7e1d29b497147941d0abf581411cbd2722d7b
eee5fda5214bd4f75b0934bb1f14429fe01251628026fd0f18f117b38848601c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE5FDA5214BD4F75B0934BB1F14429FE01251628026FD0F18F117B38848601C"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3406
Expires: Tue, 27 Dec 2022 16:55:27 GMT
Date: Tue, 27 Dec 2022 15:58:41 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 27 Dec 2022 15:46:39 GMT
content-type: application/json
age: 722
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 27 Dec 2022 15:58:41 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 27 Dec 2022 15:08:07 GMT
age: 3034
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
767eb2685fa5549430e871f248ed9312
009016087d5173487010f4db7edd7600b3ef2eb4
d98640904dce470f826884d0062136a0ba06a5824cdbd47eaf1b535de424a3cd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5184
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 15:58:41 GMT
Last-Modified: Tue, 27 Dec 2022 14:32:17 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

t.crdefault.link/44543/1?aff_sub=REDIRECTED_FROM_LEGACY_LANDING_PAGES&aff_sub2=7114&aff_sub3=wa40ojkk30af1nfli0teaj6a&aff_sub4=ALGO_bucket&aff_sub5=_%7Bhost%7D&source=102911fbe423696e9e213ac4c58b82&bo=2753%2C2754%2C2755%2C2756

54.230.111.117

303 See Other

1.1 kB

URL HTTP/2
t.crdefault.link/44543/1?aff_sub=REDIRECTED_FROM_LEGACY_LANDING_PAGES&aff_sub2=7114&aff_sub3=wa40ojkk30af1nfli0teaj6a&aff_sub4=ALGO_bucket&aff_sub5=_%7Bhost%7D&source=102911fbe423696e9e213ac4c58b82&bo=2753%2C2754%2C2755%2C2756
IP
54.230.111.117:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (1100), with no line terminators
Size
1.1 kB (1100 bytes)
Hash
da32753682f5c533469f702db22210ea
31da38fb5835108a03bcdea09c2a87c06feab99e
3c86a45ab7e802a6a7f93be993334dae489f4d3a462ec29c5a4052e1470a4c9c

HTTP Headers

GET /44543/1?aff_sub=REDIRECTED_FROM_LEGACY_LANDING_PAGES&aff_sub2=7114&aff_sub3=wa40ojkk30af1nfli0teaj6a&aff_sub4=ALGO_bucket&aff_sub5=_%7Bhost%7D&source=102911fbe423696e9e213ac4c58b82&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: t.crdefault.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 303 See Other
content-type: text/html; charset=utf-8
content-length: 1100
location: https://a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=REDIRECTED_FROM_LEGACY_LANDING_PAGES%3B102911fbe423696e9e213ac4c58b82&affiliateID=44542&source=102b666f92469c746d7a290cf62386&subID2=44543&s2=102b666f92469c746d7a290cf62386&s3=REDIRECTED_FROM_LEGACY_LANDING_PAGES%3B102911fbe423696e9e213ac4c58b82&s4=44543&url=1&affsub=REDIRECTED_FROM_LEGACY_LANDING_PAGES&affsource=102911fbe423696e9e213ac4c58b82&aff_click_id=102b666f92469c746d7a290cf62386&bo=2753%2C2754%2C2755%2C2756
server: nginx/1.19.0
date: Tue, 27 Dec 2022 15:58:41 GMT
set-cookie: enc_aff_session_3785=ENC03a2a383c5fdf7e57dd1622bd49521f3ca45e1b6b8fa88adbac5f01d6c1b063b36d25ed614cddd8596f46226e51a5fcc6778f01ff331ba1a137c7ac87128fed800b59e3a8d671bad46a7675b791f5a45ea0e1dcd519577af70424d27fe7ba3d0359dcee4e5061b31c63eaca7c9f15f980d431f1934e88152cd4dd26962671d505b90a0d01185d86ef4a991e5350db201274ccf87b4f7574493ec00430790a24b910c49cb7cffecf085b45053c7f972c2bfd843d46fa1a116f75aa919669c370119ad79f12fa2d0fbda4ecd0a7d9ebf85d9bd38c02a0e616ef0d3e34c2ed7369fef076582c2; Path=/; Expires=Thu, 26 Dec 2024 15:58:41 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Fri, 21 Nov 2025 02:38:41 GMT; Secure
tracking_id: 102b666f92469c746d7a290cf62386
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c_7oOD-ZaPi83TjRcLZ70v2XJVFTdlsR0ESG_RLQY1Sr9fTJo3-F3A==
X-Firefox-Spdy: h2

a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=REDIRECTED_FROM_LEGACY_LANDING_PAGES%3B102911fbe423696e9e213ac4c58b82&affiliateID=44542&source=102b666f92469c746d7a290cf62386&subID2=44543&s2=102b666f92469c746d7a290cf62386&s3=REDIRECTED_FROM_LEGACY_LANDING_PAGES%3B102911fbe423696e9e213ac4c58b82&s4=44543&url=1&affsub=REDIRECTED_FROM_LEGACY_LANDING_PAGES&affsource=102911fbe423696e9e213ac4c58b82&aff_click_id=102b666f92469c746d7a290cf62386&bo=2753%2C2754%2C2755%2C2756

18.192.108.151

302 Found

0 B

URL HTTP/2
a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=REDIRECTED_FROM_LEGACY_LANDING_PAGES%3B102911fbe423696e9e213ac4c58b82&affiliateID=44542&source=102b666f92469c746d7a290cf62386&subID2=44543&s2=102b666f92469c746d7a290cf62386&s3=REDIRECTED_FROM_LEGACY_LANDING_PAGES%3B102911fbe423696e9e213ac4c58b82&s4=44543&url=1&affsub=REDIRECTED_FROM_LEGACY_LANDING_PAGES&affsource=102911fbe423696e9e213ac4c58b82&aff_click_id=102b666f92469c746d7a290cf62386&bo=2753%2C2754%2C2755%2C2756
IP
18.192.108.151:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ab267e05-23a0-430a-bac4-772f7f629740?subID1=REDIRECTED_FROM_LEGACY_LANDING_PAGES%3B102911fbe423696e9e213ac4c58b82&affiliateID=44542&source=102b666f92469c746d7a290cf62386&subID2=44543&s2=102b666f92469c746d7a290cf62386&s3=REDIRECTED_FROM_LEGACY_LANDING_PAGES%3B102911fbe423696e9e213ac4c58b82&s4=44543&url=1&affsub=REDIRECTED_FROM_LEGACY_LANDING_PAGES&affsource=102911fbe423696e9e213ac4c58b82&aff_click_id=102b666f92469c746d7a290cf62386&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: a.vfgtf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Tue, 27 Dec 2022 15:58:41 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.sloffer1.com/44542/3458/0/?aff_sub4=_bucket&aff_sub=REDIRECTED_FROM_LEGACY_LANDING_PAGES%3B102911fbe423696e9e213ac4c58b82&aff_sub2=44543&aff_sub3=w6ukc0e6ek582nfliajk1o0e&source=102b666f92469c746d7a290cf62386&aff_sub5=_102911fbe423696e9e213ac4c58b82&aff_unique5=44543_102911fbe423696e9e213ac4c58b82
pragma: no-cache
set-cookie: ab267e05-23a0-430a-bac4-772f7f629740-v4=-immSzNhp3LZjY2RT6nfXWLmsRtKUnmFe3zkKF0KrQI; Max-Age=86400; Expires=Wed, 28-Dec-2022 15:58:41 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=Cxrwu1yi8RfURav4lj9sJcziLuXBuiaOha1dVNAZVqIhJC4gKjbw7lrEsrKDY9LIN1Xxh6Tz9NEUQqCq5aUbdrC4zjeNEL0QgeAdluPTNuQ28c74uOpdEpKmT4bXP1%2Fck1kYlSjA3PRG746vZ9VZZA%3D%3D; Max-Age=31536000; Expires=Wed, 27-Dec-2023 15:58:41 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

detectportal.firefox.com/success.txt?ipv4

34.107.221.82

200 OK

8 B

URL HTTP/1.1
detectportal.firefox.com/success.txt?ipv4
IP
34.107.221.82:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
8 B (8 bytes)
Hash
ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

HTTP Headers

GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 26 Dec 2022 19:30:23 GMT
Age: 73698
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
60b8396db0bbfa5f2ae7e34c9d04ebcc
50b6c68aa2b2a459315a9989f5d3e326e8ad5539
c10a1e0f984b121958a5cfa3b45b746db85d33c9073fcacb019d9bb27ef3b073

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5122
Cache-Control: max-age=153215
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 15:58:41 GMT
Etag: "63aab5ae-1d7"
Expires: Thu, 29 Dec 2022 10:32:16 GMT
Last-Modified: Tue, 27 Dec 2022 09:06:54 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2

35.162.174.146

200 OK

8 B

URL HTTP/1.1
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP
35.162.174.146:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
8 B (8 bytes)
Hash
29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b

HTTP Headers

POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Tue, 27 Dec 2022 15:58:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close

push.services.mozilla.com/

35.82.246.186

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.82.246.186:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bJ0Yc3R4LpqwjWsRU0YHAA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KVWncyWc41iYRJKzGwKUVv94fSM=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
28006073a1e0b66ff6c88b9c49fb2386
cf72bcf258fb8f5e445bb72b1a80c1f95310ef5b
716f10f35db99fa4f5b6b932dc416ad70941f4de6c6703501906286707a4e328

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "716F10F35DB99FA4F5B6B932DC416AD70941F4DE6C6703501906286707A4E328"
Last-Modified: Sun, 25 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4313
Expires: Tue, 27 Dec 2022 17:10:35 GMT
Date: Tue, 27 Dec 2022 15:58:42 GMT
Connection: keep-alive

s.sloffer1.com/44542/3458/0/?aff_sub4=_bucket&aff_sub=REDIRECTED_FROM_LEGACY_LANDING_PAGES%3B102911fbe423696e9e213ac4c58b82&aff_sub2=44543&aff_sub3=w6ukc0e6ek582nfliajk1o0e&source=102b666f92469c746d7a290cf62386&aff_sub5=_102911fbe423696e9e213ac4c58b82&aff_unique5=44543_102911fbe423696e9e213ac4c58b82

52.1.220.62

303 See Other

500 B

URL HTTP/2
s.sloffer1.com/44542/3458/0/?aff_sub4=_bucket&aff_sub=REDIRECTED_FROM_LEGACY_LANDING_PAGES%3B102911fbe423696e9e213ac4c58b82&aff_sub2=44543&aff_sub3=w6ukc0e6ek582nfliajk1o0e&source=102b666f92469c746d7a290cf62386&aff_sub5=_102911fbe423696e9e213ac4c58b82&aff_unique5=44543_102911fbe423696e9e213ac4c58b82
IP
52.1.220.62:0
ASN
#14618 AMAZON-AES

File type
HTML document, ASCII text, with very long lines (500), with no line terminators
Size
500 B (500 bytes)
Hash
8727464b80293846463808e488d584fe
92cdd04140389e5d2d3030f71c8938e73ff684bd
6fd49e8850f067f3f9b0e18b0c91d1f0f1ee1a78050f60866cf802de3e31bb67

HTTP Headers

GET /44542/3458/0/?aff_sub4=_bucket&aff_sub=REDIRECTED_FROM_LEGACY_LANDING_PAGES%3B102911fbe423696e9e213ac4c58b82&aff_sub2=44543&aff_sub3=w6ukc0e6ek582nfliajk1o0e&source=102b666f92469c746d7a290cf62386&aff_sub5=_102911fbe423696e9e213ac4c58b82&aff_unique5=44543_102911fbe423696e9e213ac4c58b82 HTTP/1.1
Host: s.sloffer1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 303 See Other
server: nginx/1.19.0
date: Tue, 27 Dec 2022 15:58:42 GMT
content-type: text/html; charset=utf-8
content-length: 500
location: https://jwbvdz.exceilentdate.com?utm_source=1e3a4e532f1c7040&s1=120749&s2=1506505&s3=44542&s5=44543_102911fbe423696e9e213ac4c58b82&click_id=1028a8f5be97f68be84b44a1ff6cd5&j1=1&j5=1&j8=1&j9=1
set-cookie: enc_aff_session_3458=ENC03912920ac4bfc945d027fdb53866354fe31507d86645cee2ff8a93f83ba8b29040726668f04c92d1b4efb04e6ac99ca1e555dcc7e435f78c33ea2425604f1be284636d56db3f260bed851cbe9e2467810abdd3d2f32b6ee179aa62fff1e5fa61df7f3c52ebed007e1cc151dd33ad5a7d7e24a784aa7242ae3ed12c4a6bc6fb55d7680a568e84745cb094c6302a5f574b2b46f30b7874b6656591c8334b15fa2c85fb9bd50d3b2ae3560cce040d9f73fc56e92a4d5ddc6538ce819f61b4da59ee0dc53b070680fb3491a4a930d09b4fef995e138b8232963ff6cf701dda36677c94913390bd46887b2fc04c367ef314aa04c0978820fc48d412c1c53ad2ff6eeedbc9120f767e3fbd7cd7f28dd6f4a46c1544851fe22497a9b6f6b75229e31d8f70c0067de; Path=/; Expires=Thu, 26 Dec 2024 15:58:42 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Fri, 21 Nov 2025 02:38:42 GMT; Secure
tracking_id: 1028a8f5be97f68be84b44a1ff6cd5
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221672153034030%22

35.241.9.150

200 OK

22 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221672153034030%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Size
22 kB (21675 bytes)
Hash
0b1bdc37ff72ee70709541ac212f0f69
531f7eba388bcf9cd96aac21361fc35bef1d629f
95e3d2ee0fc0845fc7fb9c03e14fe4593d0330696a6543279644439e5453c601

HTTP Headers

GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221672153034030%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Tue, 27 Dec 2022 15:01:57 GMT
last-modified: Tue, 27 Dec 2022 14:57:14 GMT
content-type: application/json
age: 3405
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1670999839770&_since=%221666204638208%22

35.241.9.150

200 OK

10 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1670999839770&_since=%221666204638208%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (10225), with no line terminators
Size
10 kB (10225 bytes)
Hash
1dd00d9ad669a01dcba3767f9bfc879c
16bb8034925b2511150cd6581e2a43890b07ba92
6aa9828374e46091299884379441fbeafe35d1afc7dc43471247cbf1c7773749

HTTP Headers

GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1670999839770&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 10225
via: 1.1 google
date: Tue, 27 Dec 2022 15:08:33 GMT
age: 3009
last-modified: Wed, 21 Dec 2022 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
743c189c79a85e81c6d2673f5bd7e8e4
f05846250a96022350fcee489be7c6ff5b52c31b
39d974f240014ff7a8d7a947fb1e97897ecbe501dd8e4dcf19a34750f4cb2d1d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39D974F240014FF7A8D7A947FB1E97897ECBE501DD8E4DCF19A34750F4CB2D1D"
Last-Modified: Sun, 25 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11600
Expires: Tue, 27 Dec 2022 19:12:02 GMT
Date: Tue, 27 Dec 2022 15:58:42 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: s3alDyyEpYVf/sGYJVRWwA9MfS3kN6qvp8NEtNBTEh98AK/Iaq66nGSyQ65Yx39JhJmuQ7eH6tld/aAq8gHGhw==
x-amz-request-id: 050VB7JD78C0RB7A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Dec 2022 15:57:55 GMT
age: 47
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22

35.241.9.150

200 OK

1.7 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1718), with no line terminators
Size
1.7 kB (1718 bytes)
Hash
8e36d99da85cd8b09777f5cdac06b10c
8c4ff70ce97c226d1be3db946c452c10b8cf39a4
b969610ff4fc219ccfc9132811a585f6f271cbf07d0b4f719dc27cb7b8e7a658

HTTP Headers

GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1718
via: 1.1 google
date: Tue, 27 Dec 2022 15:57:19 GMT
age: 83
last-modified: Sat, 24 Dec 2022 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/277388/1669909893/css/reviews.css?1669909893

184.31.15.67

200 OK

890 B

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/css/reviews.css?1669909893
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
890 B (890 bytes)
Hash
466f426463119d3aace3b644141b966d
f33a2d1438c11e875eef7835560eb4e6b9f95174
e9476ac8c7fcbbb31de32e4b81f29ddb7cb00e69e89fc0672126384d8e24b2fd

HTTP Headers

GET /landings/277388/1669909893/css/reviews.css?1669909893 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: KiGLe+/KGxY9Fm8u2NQ0rUkvbmtCrZmQrov0Du7AykxUjCCE7JA2Hrb73lRALUEArSG5c4pATRA=
x-amz-request-id: HHREQKHDEZM7CHC7
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "02fc738b862d5e88721cc902804c9b07"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 27 Dec 2022 15:58:42 GMT
Content-Length: 890
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/css/timer.css?1669909893

184.31.15.67

200 OK

706 B

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/css/timer.css?1669909893
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
706 B (706 bytes)
Hash
d17de96a078697a128af6d9710a97f97
caf9b62ce9227e30063485e62260c4cf11a08b1d
2b8e8317d4a773fcd62f862e5045bd4a0eef242b25fe7ac3ddbd355238842def

HTTP Headers

GET /landings/277388/1669909893/css/timer.css?1669909893 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: NfmU2tOo0YNHRe2zFAcr8PZ+rWiWgDmDGi4NTr+yw1460ZXi5G/M0kwcSKgt10DQ9KGn57BSBfY=
x-amz-request-id: HHR4S3X2NNG0ZYQE
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "4e1a14660a47095c0800554d16bc976d"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 27 Dec 2022 15:58:42 GMT
Content-Length: 706
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/css/style.css?1669909893

184.31.15.67

200 OK

2.5 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/css/style.css?1669909893
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
2.5 kB (2525 bytes)
Hash
3a9e218cc897678a6788880abf0160ff
203c09dfe805bf819b1892fdecdf6291e5252a15
e75408a5801e512c02b9a15f11ebdb0ff9fd750aa2e59dadd89bd911b85156de

HTTP Headers

GET /landings/277388/1669909893/css/style.css?1669909893 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: f5VAymymq0tqf4LnXLsR+O1NVNgx6eoakWETaDw6DexC/ZIPbdv9Jt52Ae3AqycM7Huyhy28lyA=
x-amz-request-id: HHR66K8H91R1X658
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "601cae70cc2392cc82bb0880a52c34b2"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 27 Dec 2022 15:58:42 GMT
Content-Length: 2525
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/css/popup.css?1669909893

184.31.15.67

200 OK

638 B

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/css/popup.css?1669909893
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
assembler source, ASCII text
Size
638 B (638 bytes)
Hash
022e4069739fdcff450b70f51d797042
77454d10095021822fe0c7dbcd0087d221cdd517
2c8feafab8ab925a45b46d96f13dd9c36b1d8eec4a04751db4a869701d212a47

HTTP Headers

GET /landings/277388/1669909893/css/popup.css?1669909893 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: qDraqSCwnI5tz3ECL0cWvOmw87wqyk9dUKAeTCCv3Zc3VzCK5J3lJNCnoQ9Z8QLS/v1MW2RYRcI=
x-amz-request-id: HHR59KQMF638PZ6W
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "8a876cdb790f9d5309812f3655502d26"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 27 Dec 2022 15:58:42 GMT
Content-Length: 638
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/js/jquery.validate.min.js?1669909893

184.31.15.67

200 OK

7.8 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/js/jquery.validate.min.js?1669909893
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (24228)
Size
7.8 kB (7815 bytes)
Hash
f808399407c6ac496fe830d5deacb05f
151039ee8631ce8ff989c5cf795c2feba950a499
21e11160c5ba11e65a1c97b0306a9f5dec06c8fd3d4a7d69dd0a80e263577958

HTTP Headers

GET /landings/277388/1669909893/js/jquery.validate.min.js?1669909893 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: e5uvJ4HCxfAKSL9ipCqodHr7ZLfLcORi+m7s3TgI1OU/DaLHU7AjWdq10Ak++sVc1bNwUpIw8Rw=
x-amz-request-id: HHR0Z7R9KT3FG908
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "23d73c6bd6cbea8f06d0cc227896a827"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 27 Dec 2022 15:58:42 GMT
Content-Length: 7815
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/js/jquery-2.2.4.min.js?1669909893

184.31.15.67

200 OK

30 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/js/jquery-2.2.4.min.js?1669909893
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (32065)
Size
30 kB (29855 bytes)
Hash
2fa28552f1ee4e1382ee43930b53afb8
803670da6a35378bf4eb73acc8e72fe4feb5ca30
ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494

HTTP Headers

GET /landings/277388/1669909893/js/jquery-2.2.4.min.js?1669909893 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: dpNKpxkLGveae5kYfhScKtKeZCBpaklwMaB/td4lrXfUS/ZhSe1iNxp7YQFFFpBymRP5Q+5MOg+9CYcimeo+MQ==
x-amz-request-id: HHR6YZHPZGSQDE44
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 27 Dec 2022 15:58:42 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/js/title_tanslate.js?1669909893

184.31.15.67

200 OK

1.3 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/js/title_tanslate.js?1669909893
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
1.3 kB (1298 bytes)
Hash
0e212ad4454c941c45c2e57df42c2b4f
fe9d7c484c2c0d7a6475692ef984c53a06c95406
e950a9e5e696f39d02028b27a4cd82fab1b6fd07fa34a238d3a3f7f5e90d95c3

HTTP Headers

GET /landings/277388/1669909893/js/title_tanslate.js?1669909893 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: wxpI0X7PW0J4cC536DplOIc0p/JVL96cxWpbburATvCs7diSQy/ALnGaT4chF/bsUOUX+2L2ag8=
x-amz-request-id: HHR8J5TBX4QK307K
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "5f373fa5bf21c44b9ad23b70ef96e73d"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 27 Dec 2022 15:58:42 GMT
Content-Length: 1298
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/js/translates-review.js?1669909893

184.31.15.67

200 OK

14 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/js/translates-review.js?1669909893
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text
Size
14 kB (14048 bytes)
Hash
9c292591c0532df07caa6a0a0c00065b
f998699809120f0c21d7333f4850822b4d84d2a5
c46389b9213c4e1ce9789b380a319496fff7b7c04b15ab4235bd438cf99bdcbe

HTTP Headers

GET /landings/277388/1669909893/js/translates-review.js?1669909893 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 7vEMKYnTyBHgkxbzQKWwBHDkTzdAkTNB2SblIYnnHvrtSAoYQOBE6jXukEm0HKz5pPkYw6mr75g=
x-amz-request-id: HHR53V3981G9500T
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "1933dcd305e29148845fdd372197ee4a"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 27 Dec 2022 15:58:42 GMT
Content-Length: 14048
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/js/timer.js?1669909893

184.31.15.67

200 OK

903 B

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/js/timer.js?1669909893
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text
Size
903 B (903 bytes)
Hash
24af8e8209962d30b5e6bb428d28489c
a00033869880cf83bc81fde7874242d838b59e34
52fe1029652b5a0576cdae96e8278900eb7eee3f81a1ae66ea88129aa6f3f924

HTTP Headers

GET /landings/277388/1669909893/js/timer.js?1669909893 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: EGzvzkPfPRvoDCYd/9JEBlJ9dGm8axFvk8pVhADTbGooVZ5w5cI1R40BQHjZ1NmRt0dN3JdoQwA=
x-amz-request-id: HHREXHK1XHWZDT5W
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "3350ef7fbc19030e06999dbb12a2c9b0"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 27 Dec 2022 15:58:42 GMT
Content-Length: 903
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/js/translate-popup-timer.js?1669909893

184.31.15.67

200 OK

1.1 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/js/translate-popup-timer.js?1669909893
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
1.1 kB (1080 bytes)
Hash
b8caed488bbb08c2414fb1c79c9c8d35
8bda431010a9d7666cd6c2c15f9a3b7f81634ed8
d72877ab0432583bfed248050bf32ad260c7b06c4e20a714d07ee65e7948ee0c

HTTP Headers

GET /landings/277388/1669909893/js/translate-popup-timer.js?1669909893 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: gqAupR9CJkWq0wEh3VCf5qabhdlv6VSgefPYX1uMT8dGCkLOT/P62Qqv99Ro7FpWC7iV2Sk1d9k=
x-amz-request-id: HHR38WG1E6N59FYA
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "e87a84612ebce6b2a84f41ef7f6d40b0"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 27 Dec 2022 15:58:42 GMT
Content-Length: 1080
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/js/translates.js?1669909893

184.31.15.67

200 OK

29 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/js/translates.js?1669909893
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text
Size
29 kB (29254 bytes)
Hash
5bd51fb068efaa9ec931be840659a801
751b54ed9c0b57d8a390962357ca91223b49a931
e509ead61b32171bc167f5a6a19b7d6b227524c4d63b45d115cabd99f4de6b67

HTTP Headers

GET /landings/277388/1669909893/js/translates.js?1669909893 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: NYSS9fS5R00nJFj1nVZYEry/FJn07EFNaV3qtaRs44jf5tC4P9PQcg/CorbSP+QRcMsN5qygW/8=
x-amz-request-id: HHR9ANPMQ0W1SMHX
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "6324d6d9c30698e2157f74377a990e7c"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 27 Dec 2022 15:58:42 GMT
Content-Length: 29254
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/images/7-eu.jpg

184.31.15.67

200 OK

2.3 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/7-eu.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size
2.3 kB (2282 bytes)
Hash
8155d8ecc7dc2d9b29cf99ab85c3d2a8
ba784563c7787760b318af24ea274ad6df2c5b89
7e368b2c331e65b43d9e6977dde473b4ee4ed25f0253e0d086ca676438b97d27

HTTP Headers

GET /landings/277388/1669909893/images/7-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: qJCLGoTWJYv0lb5TXiHCovGASXEZN8k4Cmo9i4TIfzVbSYaggw1XsH4pVUKFJR8vhGAwJTCsOZc=
x-amz-request-id: SYBT4FHT8XRXKGCG
Last-Modified: Thu, 01 Dec 2022 15:51:36 GMT
ETag: "8155d8ecc7dc2d9b29cf99ab85c3d2a8"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 2282
Date: Tue, 27 Dec 2022 15:58:42 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/images/5-eu.jpg

184.31.15.67

200 OK

2.9 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/5-eu.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size
2.9 kB (2879 bytes)
Hash
27109a247208262e6293950ca8f5450d
cea89616d15ad45a0f2b04082dff608abd96b800
86755df878f9f09c1b06deb1ac049db77b1931d3b0f650548fac960b3fedaa96

HTTP Headers

GET /landings/277388/1669909893/images/5-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 12mw2SwDsmKOqIBeKUwfvmvim27No52WtdnrPCo1gEl6QQTgp3yPkl1JJh7oZialXK0i7AhqVMs=
x-amz-request-id: SYBS7GGJ9NQ2RWC6
Last-Modified: Thu, 01 Dec 2022 15:51:35 GMT
ETag: "27109a247208262e6293950ca8f5450d"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 2879
Date: Tue, 27 Dec 2022 15:58:42 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/images/8-eu.jpg

184.31.15.67

200 OK

2.5 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/8-eu.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size
2.5 kB (2458 bytes)
Hash
41bbda91cef3f22db1d45d66f7ca0961
e2f8f56674e0180063a4f8287931dc0b273baf8e
d0f8fe31f17be4afd352a60628de61eef59ee08ac0ecddac9cfe4e4a504f4f0e

HTTP Headers

GET /landings/277388/1669909893/images/8-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: jqKDD+V3vcQp//2/C49FzPcNcgu1GVIF56x+ThljVM7axSunlJPMp4wn3pUiVL69UQf9PYMl1MY=
x-amz-request-id: SYBPX3DSTAAYVGTX
Last-Modified: Thu, 01 Dec 2022 15:51:36 GMT
ETag: "41bbda91cef3f22db1d45d66f7ca0961"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 2458
Date: Tue, 27 Dec 2022 15:58:42 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/images/4-eu.jpg

184.31.15.67

200 OK

2.6 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/4-eu.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size
2.6 kB (2586 bytes)
Hash
cb3aff7c886e4f72a98172b873b5e62d
33de244dcb4db4abe54b6508ae8d1546eb279aa5
d22825c9a1ff2c18506f0c2c3abaf3bb77f8352ba7bd410d50d35f20adbab08e

HTTP Headers

GET /landings/277388/1669909893/images/4-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: g6S2QikgYvuaNmWTGVBc0+CGCpk4yGnUVzOS+M+atwNZM2YNHHsDg6QBZsDqQ/3Cw+M4szOZJm8=
x-amz-request-id: SYBN7C72VENB4YQ3
Last-Modified: Thu, 01 Dec 2022 15:51:35 GMT
ETag: "cb3aff7c886e4f72a98172b873b5e62d"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 2586
Date: Tue, 27 Dec 2022 15:58:42 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/images/6-eu.jpg

184.31.15.67

200 OK

3.3 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/6-eu.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size
3.3 kB (3256 bytes)
Hash
9a6870069cb979e16b239f9ed485fb3c
c1dc7f3620c8cc391648c550f91b269b04d3c612
3e280ac6e0be5142f62957076a5c99e792eb61533e23f33b165aea4d522de818

HTTP Headers

GET /landings/277388/1669909893/images/6-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: XFEqnW6koPROW6uIPHjAYCM05JRAEzLouWqsziLupkLPeibUJ9oVboQSPIE13IikB5bBZOdnrCfoDCr8YyE7bQ==
x-amz-request-id: SYBXQ9C03DY5NZJG
Last-Modified: Thu, 01 Dec 2022 15:51:36 GMT
ETag: "9a6870069cb979e16b239f9ed485fb3c"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 3256
Date: Tue, 27 Dec 2022 15:58:42 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1671753672802&_since=%221666483264567%22

35.241.9.150

200 OK

50 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1671753672802&_since=%221666483264567%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (50378), with no line terminators
Size
50 kB (50378 bytes)
Hash
0ca549223dabb16b8b3bd172d7ced0dd
2e5ca1fdb0f4d099b0605158633823f952a7535f
49d3852ca45a12a00c21a36c94962d0b1d736e2327112a7845465d1ad8302b4e

HTTP Headers

GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1671753672802&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 50378
via: 1.1 google
date: Tue, 27 Dec 2022 15:47:49 GMT
age: 653
last-modified: Fri, 23 Dec 2022 00:01:12 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ae893eec23998fe856d6ee3df2163a80
d98cb1a1c82c429c2f6fdbbfb7461713c790da7a
24167e8036371493799d6fe42f5e00a0ea2e4a5b7eb70636a269a9aa78d1f712

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 15:58:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c6af90f016d8e2a96c05a34ddb9ebbab
f1440025eeec8413fbe4e8d6a49779d1c8cdd9ef
77c0e58bd42f70ec82dcbc502a00e4cca6bf4c198c049a2a0181ba6008d14441

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 15:58:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1671650086957&_since=%221666279968541%22

35.241.9.150

200 OK

85 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1671650086957&_since=%221666279968541%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65536), with no line terminators
Size
85 kB (84869 bytes)
Hash
1e70a14472e08bfc245636a97da73555
401164c4fa7a8481ab83e9db40ccab66e65a9803
c1d268072f17581cf3e46fd45337eb696c94383b916932ace7ad46fcc0fe4c0c

HTTP Headers

GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1671650086957&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 84869
via: 1.1 google
date: Tue, 27 Dec 2022 15:36:52 GMT
age: 1310
last-modified: Wed, 21 Dec 2022 19:14:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/277388/1669909893/images/3-eu.jpg

184.31.15.67

200 OK

3.9 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/3-eu.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 80x80, components 3\012- data
Size
3.9 kB (3946 bytes)
Hash
1dc512dcb0850f22cfa72c789578085c
933e9c5648e782c9f9a1504d2248f0acb4b9950b
7a27ad3bbf259cc02f80f496c19e6033d958362c1b5075c1957bb502f2666d00

HTTP Headers

GET /landings/277388/1669909893/images/3-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: h84qb7pVDdUKNLwmqvqzFzX4Fx2Q+vtsl/9/RKr7CClZpHgHK2Whyfm8CsiZ8XXPttbQhRj3Jd4=
x-amz-request-id: SYBK15818R8NY5PD
Last-Modified: Thu, 01 Dec 2022 15:51:35 GMT
ETag: "1dc512dcb0850f22cfa72c789578085c"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 3946
Date: Tue, 27 Dec 2022 15:58:42 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/images/2-eu.jpg

184.31.15.67

200 OK

2.0 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/2-eu.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size
2.0 kB (2009 bytes)
Hash
66b6dc51bd19c799dcadf1dbeb628d9c
ff7fe6049e944186764bfc5041d624ec11f8d362
d3c1502509ae60909fe60c46cc58c41c1a9fe53ee7aeffb92d37a074ba8550f0

HTTP Headers

GET /landings/277388/1669909893/images/2-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: irtSpsHSYVOdvnxhq1K9deClnqKdxGOOvsDsWS3ZOdnM9Bjv4t0cETuSntU2WdW1mz/pkRVwkq8=
x-amz-request-id: SYBPZA5MKR27CDVY
Last-Modified: Thu, 01 Dec 2022 15:51:35 GMT
ETag: "66b6dc51bd19c799dcadf1dbeb628d9c"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 2009
Date: Tue, 27 Dec 2022 15:58:42 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/images/1-eu.jpg

184.31.15.67

200 OK

4.3 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/1-eu.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size
4.3 kB (4292 bytes)
Hash
6e6d0b84c81d847e24671a711115a781
20dc2d359e437dc10ceefea4d3c7b5189c2e58d0
515974c9245ead07b3332ca22fa1581622118c75955941452140a602646aa553

HTTP Headers

GET /landings/277388/1669909893/images/1-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: HrBHmei8EalB7h779VkIQVyOroLL1ecYhDOxU24MjABz9D7trpA/7cxiuJWZjOntt3nMWBeOtbQ=
x-amz-request-id: AFKBW5KVENC7XM35
Last-Modified: Thu, 01 Dec 2022 15:51:35 GMT
ETag: "6e6d0b84c81d847e24671a711115a781"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 4292
Date: Tue, 27 Dec 2022 15:58:42 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/images/110010_3.jpg

184.31.15.67

200 OK

41 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/110010_3.jpg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 682x388, components 3\012- data
Size
41 kB (41178 bytes)
Hash
1cda15cc6238bfbf394087f9e4240c08
d04d25fae912c5c660bfb855b0463e7cfffdc52e
2fccdea801925553b007bf3f67a8a59715589ab98796dbeebe84bb40a8a77ac4

HTTP Headers

GET /landings/277388/1669909893/images/110010_3.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: A/wi+W4VJ0alokLfYYliaXmpKpEq861sqCtFpv4kdq+P5O0ljgRCKMhQMGy23waiIkUGwmkCeko=
x-amz-request-id: AFKAHNEBAFAHE16R
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "1cda15cc6238bfbf394087f9e4240c08"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 41178
Date: Tue, 27 Dec 2022 15:58:42 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/images/shield.svg

184.31.15.67

200 OK

1.5 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/shield.svg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (310)
Size
1.5 kB (1539 bytes)
Hash
0c7a0dfd64cf020cd8a6dc0c3df1dbdf
f705635388aebebae1223d828c38233067f28ab1
856fdb53067254df9495660a355e5ed91936803b567867f1053ce5fb97107888

HTTP Headers

GET /landings/277388/1669909893/images/shield.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: qHWbXn3OmGKPG0bQ+DmI68Uns0ZsQhFdFFP8t6U10m4n3rhKLNNtfCRAK3l79y8ao2wkEIJKMJs=
x-amz-request-id: AFKB2K13V5P3SEBK
Last-Modified: Thu, 01 Dec 2022 15:51:36 GMT
ETag: "0c7a0dfd64cf020cd8a6dc0c3df1dbdf"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1539
Date: Tue, 27 Dec 2022 15:58:42 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/images/unlock.svg

184.31.15.67

200 OK

2.4 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/unlock.svg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (944)
Size
2.4 kB (2378 bytes)
Hash
a732e1e06affb4575c050fdb0131e5ca
da4f4f204a4d22c7424274a91520e0ea993c48c7
e17f481e5fe197e600ffe6cf53a94a4e49a73b6b817ff560cd92c3dd501d603f

HTTP Headers

GET /landings/277388/1669909893/images/unlock.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: oOWw+1BHDdf+zIzAgOJC2OySjJhu7rDTAFrZtqaIpTpAuyE8NUp6z5GfsQPNsnsK21T5NUGpPNQ=
x-amz-request-id: AFK8JMA3WSZ4BWTV
Last-Modified: Thu, 01 Dec 2022 15:51:36 GMT
ETag: "a732e1e06affb4575c050fdb0131e5ca"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 2378
Date: Tue, 27 Dec 2022 15:58:42 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/images/icon-city.svg

184.31.15.67

200 OK

839 B

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/icon-city.svg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (735)
Size
839 B (839 bytes)
Hash
5f5ead641bc30316f498592eec2016a1
3195aa33596ba190a6584ccb75124dd9d9c13261
f028477ede528af987acd2bea73c8e462ea4cd6cf1137aae5085c85a82d93409

HTTP Headers

GET /landings/277388/1669909893/images/icon-city.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: uVfEiaQzyJJ+v1XGTkuO3Mww9e2YAwUf/oEe8hPj7FSCFa4i//nBChQxt4NJBFcbU8ZweH1QEU8=
x-amz-request-id: AFK0F994N5Y3FH6F
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "5f5ead641bc30316f498592eec2016a1"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 839
Date: Tue, 27 Dec 2022 15:58:43 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/images/password.svg

184.31.15.67

200 OK

1.3 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/password.svg
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (330)
Size
1.3 kB (1339 bytes)
Hash
f42aef7f97d4c9bdb074673081f38ac7
0231df782e371d139c826e091279acd9a07e691c
5fca7f589cd825e1f152e0a1677d6cbd0a3ee3ecde05905d572af87e8b453eac

HTTP Headers

GET /landings/277388/1669909893/images/password.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 9btLNf6TtGpWvWnHq+dkVMGg7d84R3Dhs8m+oIwCwfH9wsrRfer1hvxSzBwJNX3FQB4zvbHgm5Q=
x-amz-request-id: AFKF3V2C4HR020X4
Last-Modified: Thu, 01 Dec 2022 15:51:36 GMT
ETag: "f42aef7f97d4c9bdb074673081f38ac7"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1339
Date: Tue, 27 Dec 2022 15:58:43 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c6af90f016d8e2a96c05a34ddb9ebbab
f1440025eeec8413fbe4e8d6a49779d1c8cdd9ef
77c0e58bd42f70ec82dcbc502a00e4cca6bf4c198c049a2a0181ba6008d14441

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 15:58:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn-dimi.akamaized.net/landings/277388/1669909893/images/49.png

184.31.15.67

200 OK

4.5 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/49.png
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 336 x 336, 8-bit/color RGB, non-interlaced\012- data
Size
4.5 kB (4510 bytes)
Hash
372e58a66b7d92e1dd903f32fb308d1e
40be5d7067b822dfed07e173acd11cfceaa9e329
82408edfa51c2d831b86658b6637a6950986c342195aa08fd1467ea1d71b9793

HTTP Headers

GET /landings/277388/1669909893/images/49.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/277388/1669909893/css/style.css?1669909893
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
x-amz-id-2: fUANWLIiaZUa7V2/5D2zupC950SRVbJO2DVqJnR307wb3laEecMNU+spukeGyKxu6DvEPQhEjcE=
x-amz-request-id: SYBJHZTS8KBTEPYT
Last-Modified: Thu, 01 Dec 2022 15:51:35 GMT
ETag: "372e58a66b7d92e1dd903f32fb308d1e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4510
Date: Tue, 27 Dec 2022 15:58:43 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/images/action_icons_20px_2x.png

184.31.15.67

200 OK

1.7 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/action_icons_20px_2x.png
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data
Size
1.7 kB (1726 bytes)
Hash
b699975b5fe73b087e711a33ff24ee1e
0e33cc5c32a5e7d18440751e3946076664caaf53
4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e

HTTP Headers

GET /landings/277388/1669909893/images/action_icons_20px_2x.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/277388/1669909893/css/reviews.css?1669909893
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
x-amz-id-2: uYq+TK/9UZmvCdsCVO88DSAlsmqXV3NnWt7ncX3Pk7iatskKTDilyukIqAm34s6v9bKxYZjR9Qs=
x-amz-request-id: SYBYNVG6CBDCSMW8
Last-Modified: Thu, 01 Dec 2022 15:51:36 GMT
ETag: "b699975b5fe73b087e711a33ff24ee1e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1726
Date: Tue, 27 Dec 2022 15:58:43 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/277388/1669909893/images/favicon.png?t=20221227155842

184.31.15.67

200 OK

4.1 kB

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/favicon.png?t=20221227155842
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4093 bytes)
Hash
40a54c3ecf143b64096b063ff793fdbb
017eafffc5e55226a2aec0dd3c03f1b6130a6bab
39b439471019cb16f819e05166d23492593310fd55cce8471062d8f2dc5de423

HTTP Headers

GET /landings/277388/1669909893/images/favicon.png?t=20221227155842 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 6wKzDkOpDtH0dyPvmGXjSgwTs95fQoXFKuj+E/OPLC7lWkCjjiuPDWvmc51Wq1mrXPnVydE+7bo=
x-amz-request-id: TS6255DBAZFJCYSK
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "40a54c3ecf143b64096b063ff793fdbb"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4093
Date: Tue, 27 Dec 2022 15:58:43 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258

35.241.9.150

200 OK

681 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (681), with no line terminators
Size
681 B (681 bytes)
Hash
d87a0e2c657692a78613d7b8f376ed14
54e08e441c86528bbb8eda4cbec07d7cfe19c921
3d4b70de7337ef1f2b392593110c6de7829f3cc719ad28b67eb75ca18322ac13

HTTP Headers

GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 681
via: 1.1 google
date: Tue, 27 Dec 2022 15:15:00 GMT
last-modified: Wed, 21 Dec 2022 16:36:54 GMT
etag: "1671640614965"
content-type: application/json
age: 2623
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

jwbvdz.exceilentdate.com/ortb

63.32.216.166

200 OK

13 B

URL HTTP/2
jwbvdz.exceilentdate.com/ortb
IP
63.32.216.166:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
13 B (13 bytes)
Hash
1031bf08481e45e42ceb3fd978c3d379
3d6d43df4c45f09f5d68593646fd83352323a5ea
c99e0e70ba976626855bf7f83fc0e333b57833bcaf3dcfba16215a6e4fa3e208

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /ortb HTTP/1.1
Host: jwbvdz.exceilentdate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 295
Origin: https://jwbvdz.exceilentdate.com
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/?s1=120749&s2=1506505&s3=44542&s5=backuser&click_id=1028a8f5be97f68be84b44a1ff6cd5&iexpp=1&j1=1&j5=1&j9=1&utm_source=1e3a4e532f1c7040&j8=1
Cookie: unique_id=63aae8b30002a847; unique_id2=63ab1632000b0899; 63ab1632000b0899_c=1; ref_token=120749; impression=; 63ab1632000b0899_sl=[277388]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 27 Dec 2022 15:58:43 GMT
content-type: text/plain; charset=utf-8
content-length: 13
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22

35.241.9.150

200 OK

934 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (934), with no line terminators
Size
934 B (934 bytes)
Hash
e3abf939ed3606001823d5a36d16eafa
cff9b8a9c68eb2b19a0e9a1b3e313f9e45dc81d9
9771b60807e30e299968fa2b4c4548c5a3ea4f6338f2810052a141b7033a9ec8

HTTP Headers

GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 934
via: 1.1 google
date: Tue, 27 Dec 2022 15:45:37 GMT
age: 786
last-modified: Wed, 21 Dec 2022 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1670864154336&_since=%221657747510534%22

35.241.9.150

200 OK

1.7 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1670864154336&_since=%221657747510534%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1710), with no line terminators
Size
1.7 kB (1710 bytes)
Hash
629b47299cc2636d30c88783cf821211
30aef7a730d0c5989879f6dc58821119a4935cce
33f95b6babac070cef52420295ed87fefc7f14782b8dfe146abbaea76b281927

HTTP Headers

GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1670864154336&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1710
via: 1.1 google
date: Tue, 27 Dec 2022 15:11:14 GMT
age: 2849
last-modified: Tue, 20 Dec 2022 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1671479975574&_since=%221661199949574%22

35.241.9.150

200 OK

16 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1671479975574&_since=%221661199949574%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (15593), with no line terminators
Size
16 kB (15593 bytes)
Hash
064ecbf904b3af234f13be255e8e7094
ca73224380ebdac800212f9ee1756850066012f8
343c2b0fb94729a39c755f279cbe1a9f480b41fb91de989216a863eef3cdfb02

HTTP Headers

GET /v1/buckets/main/collections/search-config/changeset?_expected=1671479975574&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 15593
via: 1.1 google
date: Tue, 27 Dec 2022 15:05:06 GMT
age: 3217
last-modified: Mon, 19 Dec 2022 19:59:35 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: Z/jL6HJJeudq+ylT2+uB9+yI+mg4vi9vs49m9jANymiiOaYV6SF2tMUWF5yD9B8u9Kf09eCHD1s=
x-amz-request-id: VCPZHH4C7KZ67FWZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Dec 2022 15:58:13 GMT
age: 30
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22

35.241.9.150

200 OK

1.5 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1504), with no line terminators
Size
1.5 kB (1504 bytes)
Hash
daa06bb95580355bd767c1cc2c5d4184
37c15ae9f9b971ca18076299871ec5ab25fd824a
4cd00710ae5ea75d59fbd72707c3312b1d695e6e52a837a45d1dfe13e1dd97d4

HTTP Headers

GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1504
via: 1.1 google
date: Tue, 27 Dec 2022 15:19:34 GMT
age: 2349
last-modified: Mon, 19 Dec 2022 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3677
Expires: Tue, 27 Dec 2022 17:00:00 GMT
Date: Tue, 27 Dec 2022 15:58:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3677
Expires: Tue, 27 Dec 2022 17:00:00 GMT
Date: Tue, 27 Dec 2022 15:58:43 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9007 bytes)
Hash
b373925ce249ca67e6984c436f5cd2b8
ddbc25025b933587990f8e9c32e91c9773256840
7d3c992b715283efeba9bee2e5c08042267017e76074ca6aad870e1dd45b4564

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9007
x-amzn-requestid: 15b3b2e5-d493-4b54-aab4-7374bf892e83
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: drrFbESxIAMFikw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a7beef-37f4ab8e7738b186705bb1db;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 03:09:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SgjNBdI4lkk3DIdROxkZ8sdadoe-pewXA9Q5M55pGe-LNk012lLFmQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 03:27:32 GMT
age: 45071
etag: "ddbc25025b933587990f8e9c32e91c9773256840"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fad15f-1e28-43a3-83d8-06aeab608d9f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (15371 bytes)
Hash
a4b903e264b412e69e5f22091bf423ea
92d157f8b56dd0af2ce0f1f5c11b5c90969cf36f
8d5d90968489731604a2286d9e2b9a307147a3cc0b1ffd32f1186ceea9b8fcff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fad15f-1e28-43a3-83d8-06aeab608d9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15371
x-amzn-requestid: 63d10011-ae3d-48fb-b892-26d94dc6ef83
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: diVs8EVDIAMFTOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4031f-3da712a621773d56567c014f;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 07:11:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2dVU6KIg3WiMurg-pgSmReyT89IjMeJUptYrHaPJiDTOaPr0PqrO6Q==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 07:24:37 GMT
age: 30846
etag: "92d157f8b56dd0af2ce0f1f5c11b5c90969cf36f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69c55865-95c6-4d05-a856-6d61c10bd012.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7924 bytes)
Hash
a4a7ec0fdc177ed09c8949dcd68efb35
8ad28905291f4a184c0f32292415d1af0db3cead
7862e695c7eea224263bccaabcc54fc337ea533d6f1fafe0426b8699f3880922

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69c55865-95c6-4d05-a856-6d61c10bd012.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7924
x-amzn-requestid: 30d67a34-fa95-4aa8-84d7-7c769a9e7fc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxfYgEnNoAMF7ng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa129c-743b9f4845f2c6f312463662;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:31:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DARBFo3gGdqpiutH2AJvUFtxyaamlecRtekmlCERttcXoXZ9FNswGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:45:05 GMT
age: 65618
etag: "8ad28905291f4a184c0f32292415d1af0db3cead"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b739b75-a9c5-402c-b5f2-61cb416f4622.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10796 bytes)
Hash
bf353b055c5b241dc127a5f348288bd7
967babae78ca060a48978d1a29a20b459fa89aa2
4def932d04f53426b80ac7f3f366e1e8af0c76670f94c9ebd613309e2982d433

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b739b75-a9c5-402c-b5f2-61cb416f4622.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 46bf3684-b3d9-4948-ab4b-09477cf5af0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxg-TEd2IAMF9jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa1528-4eebb1950a70fb2d3a718426;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:42:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t-fFjRek8hGyiY7C49TCIXNHjWLSjsyOh8duU4ZHsrRIhqNSwptK9g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:44:56 GMT
age: 65627
etag: "967babae78ca060a48978d1a29a20b459fa89aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0792a3e-4f16-42e9-b578-b308064c166b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10279 bytes)
Hash
4b8e2f135d62691518db239f44428b34
adbf35fbf576cc522bae9a1afbdd135fdcf1047d
b79338ce5513c8c861ffa377de4fdb67f30d193ec0beaec9ee19478c11262947

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0792a3e-4f16-42e9-b578-b308064c166b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 3a0f0c4e-c1de-4c62-846a-5315618dc108
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duzkpEySoAMFdUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8ffb7-487a4fe512df2ff64ecd60fb;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 01:58:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: B3qu784S_4ciCfg76XwyCeWbTtnbM-wIVi5q-Lj_OiR2QlFsq7jpnQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 10:05:54 GMT
age: 21169
etag: "adbf35fbf576cc522bae9a1afbdd135fdcf1047d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2714bb-b993-4a59-8060-2731a83cad48.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9772 bytes)
Hash
d1964c05c10407de7a80602733f4e740
ad4906adb14904182746eac5935433fba1c7783c
521aa22be37143a80eb3314f57cf9b99d48a9ad77bebb8012c96464b93530b63

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2714bb-b993-4a59-8060-2731a83cad48.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9772
x-amzn-requestid: 92ffab03-243e-432f-bbeb-be90fa5e0ee6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxfYDFvfIAMFajA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa1299-7cb9a9b729db72b7550fcf7c;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:31:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MogTHBdmwt6knnv1C_t_LNy98cz8k61YRJqfbHrT8jNGXcj8VQCdYg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:44:56 GMT
age: 65627
etag: "ad4906adb14904182746eac5935433fba1c7783c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

jwbvdz.exceilentdate.com/?utm_source=1e3a4e532f1c7040&s1=120749&s2=1506505&s3=44542&s5=44543_102911fbe423696e9e213ac4c58b82&click_id=1028a8f5be97f68be84b44a1ff6cd5&j1=1&j5=1&j8=1&j9=1

63.32.216.166

200 OK

0 B

URL HTTP/2
jwbvdz.exceilentdate.com/?utm_source=1e3a4e532f1c7040&s1=120749&s2=1506505&s3=44542&s5=44543_102911fbe423696e9e213ac4c58b82&click_id=1028a8f5be97f68be84b44a1ff6cd5&j1=1&j5=1&j8=1&j9=1
IP
63.32.216.166:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?utm_source=1e3a4e532f1c7040&s1=120749&s2=1506505&s3=44542&s5=44543_102911fbe423696e9e213ac4c58b82&click_id=1028a8f5be97f68be84b44a1ff6cd5&j1=1&j5=1&j8=1&j9=1 HTTP/1.1
Host: jwbvdz.exceilentdate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Tue, 27 Dec 2022 15:58:42 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=63aae8b30002a847; Path=/; Expires=Sat, 25 Feb 2023 15:58:42 GMT; Secure; SameSite=None
unique_id2=63ab1632000b0899; Path=/; Expires=Mon, 27 Mar 2023 15:58:42 GMT; Secure; SameSite=None
63ab1632000b0899_c=1; Path=/; Expires=Mon, 27 Mar 2023 15:58:42 GMT; Secure; SameSite=None
ref_token=120749; Path=/; Expires=Thu, 26 Jan 2023 15:58:42 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Tue, 27 Dec 2022 15:58:42 GMT; Secure; SameSite=None
63ab1632000b0899_sl=[277388]; Path=/; Expires=Tue, 10 Jan 2023 15:58:42 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Alfa+Slab+One&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Alfa+Slab+One&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Alfa+Slab+One&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Dec 2022 15:58:42 GMT
date: Tue, 27 Dec 2022 15:58:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Ubuntu:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Dec 2022 15:58:42 GMT
date: Tue, 27 Dec 2022 15:58:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/277388/1669909893/images/1.mp4

184.31.15.67

206 Partial Content

0 B

URL HTTP/1.1
cdn-dimi.akamaized.net/landings/277388/1669909893/images/1.mp4
IP
184.31.15.67:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /landings/277388/1669909893/images/1.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 206 Partial Content
x-amz-id-2: 0WvuBmPpUHDVw0mp2PNI1T3WXHAWZD4SRdirldqUybuyUw0AowRDt2rbjA711ZX8SmX40JqkAQ8=
x-amz-request-id: 3A7JRT320X13QA95
Last-Modified: Thu, 01 Dec 2022 15:51:36 GMT
ETag: "9da1ec568a44f92b56f3d1e3c10da6a4"
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Tue, 27 Dec 2022 15:58:43 GMT
Content-Range: bytes 0-2971964/2971965
Content-Length: 2971965
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations