Report - trk.klclick3.com/ls/click?upn=fciypmZWF8msewCdXiaaNKTJggvPk5rHq7bI7kBdAJP7bkv0WpKJWy40OjP1i50YYIsvO2SfSgnpq-2FmjVcN4gkZnmnfHD4nONis3n7Pv2E5crfVfbX7HKAkRGHPMXOXzPBqPzg5c7Dv4rl4aO8FzFEnLQrZUGWMlD9OYfIMJ0MlhArGO1Y3dOwOOU6ZIZ2YZThuraRakbBW44kF3kUkJ3g-3D-3DuHKB_Qbpndk7KtLbtG-2BmoTUqO9gzQANsa7RUQHL1-2Bp-2B1NH-2FH7oezR9sPu5yN66gT31DCZ51vCWnmNSPiVPsBjDSXYTpd0p3qZR8WkBFdDO6WJ-2B8rZanwDQ-2FQaf6J9e26QFZ79Gs8AM5m1iS1sppwFLKLquUhpl2Yz4m2KACaivLNnefIKVsuAlkGFP76vADOkygdjBzg3Ahz5gIhW6Uqb9vCyDD09Q9NdQI-2FkX-2BtjKSHlM7rdLRkxv1OxvEUzNn4HOPRKmDKjZpBPZ3hVHDaa2SsacMAqpr5N8tdWXWGQRNlXdyOGAsIHbwSLKrnEGWKtb6W7I389nTWc8Jlabv1KPhGPQSrRTENuzneQSGYJpWqNj6iywROAknB5ByRhwJL0wogJR3IC9Z7dWV-2BVBCYR9g1jreT5HMpXum7TCDlqNFgVCKs-3D

Report Overview

Submitted URL
trk.klclick3.com/ls/click?upn=fciypmZWF8msewCdXiaaNKTJggvPk5rHq7bI7kBdAJP7bkv0WpKJWy40OjP1i50YYIsvO2SfSgnpq-2FmjVcN4gkZnmnfHD4nONis3n7Pv2E5crfVfbX7HKAkRGHPMXOXzPBqPzg5c7Dv4rl4aO8FzFEnLQrZUGWMlD9OYfIMJ0MlhArGO1Y3dOwOOU6ZIZ2YZThuraRakbBW44kF3kUkJ3g-3D-3DuHKB_Qbpndk7KtLbtG-2BmoTUqO9gzQANsa7RUQHL1-2Bp-2B1NH-2FH7oezR9sPu5yN66gT31DCZ51vCWnmNSPiVPsBjDSXYTpd0p3qZR8WkBFdDO6WJ-2B8rZanwDQ-2FQaf6J9e26QFZ79Gs8AM5m1iS1sppwFLKLquUhpl2Yz4m2KACaivLNnefIKVsuAlkGFP76vADOkygdjBzg3Ahz5gIhW6Uqb9vCyDD09Q9NdQI-2FkX-2BtjKSHlM7rdLRkxv1OxvEUzNn4HOPRKmDKjZpBPZ3hVHDaa2SsacMAqpr5N8tdWXWGQRNlXdyOGAsIHbwSLKrnEGWKtb6W7I389nTWc8Jlabv1KPhGPQSrRTENuzneQSGYJpWqNj6iywROAknB5ByRhwJL0wogJR3IC9Z7dWV-2BVBCYR9g1jreT5HMpXum7TCDlqNFgVCKs-3D
IP
54.230.111.17
ASN
#16509 AMAZON-02
Submitted
2022-11-21 17:42:05
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
images.benchmarkemail.com	123209	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	20 kB	163.171.134.109
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	417 B	903 B	104.18.10.207
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	843 B	14 kB	104.17.25.14
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.41.252.32
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.1 kB	142.250.74.3
mail.cratex.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	417 B	199 B	72.198.189.194
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
trk.klclick3.com	17450	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	704 B	54.230.111.95
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	24 kB	69.16.175.42
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	778 B	63 kB	142.250.74.42
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	44 kB	34.120.237.76
ipfs.fleek.co	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	775 B	1.3 kB	104.17.64.14
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.1 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	828 B	46 kB	104.18.10.207
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-11-21	medium	trk.klclick3.com/ls/click?upn=fciypmZWF8msewCdXiaaNKTJggvPk5rHq7bI7kBdAJP7bkv0WpKJWy40OjP1i50YYIsvO2SfSgnpq-2FmjVcN4gkZnmnfHD4nONis3n7Pv2E5crfVfbX7HKAkRGHPMXOXzPBqPzg5c7Dv4rl4aO8FzFEnLQrZUGWMlD9OYfIMJ0MlhArGO1Y3dOwOOU6ZIZ2YZThuraRakbBW44kF3kUkJ3g-3D-3DuHKB_Qbpndk7KtLbtG-2BmoTUqO9gzQANsa7RUQHL1-2Bp-2B1NH-2FH7oezR9sPu5yN66gT31DCZ51vCWnmNSPiVPsBjDSXYTpd0p3qZR8WkBFdDO6WJ-2B8rZanwDQ-2FQaf6J9e26QFZ79Gs8AM5m1iS1sppwFLKLquUhpl2Yz4m2KACaivLNnefIKVsuAlkGFP76vADOkygdjBzg3Ahz5gIhW6Uqb9vCyDD09Q9NdQI-2FkX-2BtjKSHlM7rdLRkxv1OxvEUzNn4HOPRKmDKjZpBPZ3hVHDaa2SsacMAqpr5N8tdWXWGQRNlXdyOGAsIHbwSLKrnEGWKtb6W7I389nTWc8Jlabv1KPhGPQSrRTENuzneQSGYJpWqNj6iywROAknB5ByRhwJL0wogJR3IC9Z7dWV-2BVBCYR9g1jreT5HMpXum7TCDlqNFgVCKs-3D	Outlook

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-21	medium	trk.klclick3.com/ls/click?upn=fciypmZWF8msewCdXiaaNKTJggvPk5rHq7bI7kBdAJP7bkv0WpKJWy40OjP1i50YYIsvO2SfSgnpq-2FmjVcN4gkZnmnfHD4nONis3n7Pv2E5crfVfbX7HKAkRGHPMXOXzPBqPzg5c7Dv4rl4aO8FzFEnLQrZUGWMlD9OYfIMJ0MlhArGO1Y3dOwOOU6ZIZ2YZThuraRakbBW44kF3kUkJ3g-3D-3DuHKB_Qbpndk7KtLbtG-2BmoTUqO9gzQANsa7RUQHL1-2Bp-2B1NH-2FH7oezR9sPu5yN66gT31DCZ51vCWnmNSPiVPsBjDSXYTpd0p3qZR8WkBFdDO6WJ-2B8rZanwDQ-2FQaf6J9e26QFZ79Gs8AM5m1iS1sppwFLKLquUhpl2Yz4m2KACaivLNnefIKVsuAlkGFP76vADOkygdjBzg3Ahz5gIhW6Uqb9vCyDD09Q9NdQI-2FkX-2BtjKSHlM7rdLRkxv1OxvEUzNn4HOPRKmDKjZpBPZ3hVHDaa2SsacMAqpr5N8tdWXWGQRNlXdyOGAsIHbwSLKrnEGWKtb6W7I389nTWc8Jlabv1KPhGPQSrRTENuzneQSGYJpWqNj6iywROAknB5ByRhwJL0wogJR3IC9Z7dWV-2BVBCYR9g1jreT5HMpXum7TCDlqNFgVCKs-3D	Phishing
2022-11-21	medium	ipfs.fleek.co/ipfs/bafybeiaurtz7lxjwalai6xynmedk4ftgm3rbb6qcvbjf2fphpkp6fv47xq?_kx=GlC_I23qMSIy4FXD7ir93PnTdcPkVVA3WcvLNg8FilI%3D.ShAQqT	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.2.1.slim.min.js	70 kB	2023-03-07	2024-04-26
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-04-26 22:55:05 Times Seen106617 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-04-27
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-27 00:20:46 Times Seen106415 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 23:21:50 Times Seen384932 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	ipfs.fleek.co/ipfs/bafybeiaurtz7lxjwalai6xynmedk4ftgm3rbb6qcvbjf2fphpkp6fv47xq?_kx=GlC_I23qMSIy4FXD7ir93PnTdcPkVVA3WcvLNg8FilI%3D.ShAQqT	1.8 kB	2023-03-07	2024-02-07
Pretty URL ipfs.fleek.co/ipfs/bafybeiaurtz7lxjwalai6xynmedk4ftgm3rbb6qcvbjf2fphpkp6fv47xq?_kx=GlC_I23qMSIy4FXD7ir93PnTdcPkVVA3WcvLNg8FilI%3D.ShAQqT IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:44:20 Last Seen2024-02-07 15:49:12 Times Seen25 Hash 00999791b07648c94d6e6ef73714d747 f3f90932bc8b259650def356aaaa63dd408ee7ab 01eca6858476622bdf6593b2462831cbde757d2d2c246a1077cc57826a2ffcb6 Loading...

	ipfs.fleek.co/ipfs/bafybeiaurtz7lxjwalai6xynmedk4ftgm3rbb6qcvbjf2fphpkp6fv47xq?_kx=GlC_I23qMSIy4FXD7ir93PnTdcPkVVA3WcvLNg8FilI%3D.ShAQqT	137 B	2023-03-07	2024-04-26
Pretty URL ipfs.fleek.co/ipfs/bafybeiaurtz7lxjwalai6xynmedk4ftgm3rbb6qcvbjf2fphpkp6fv47xq?_kx=GlC_I23qMSIy4FXD7ir93PnTdcPkVVA3WcvLNg8FilI%3D.ShAQqT IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-26 07:35:43 Times Seen1555 Hash 3012703a3a5c709a38f2cba896e8e5e6 d574b12ce7043b1ee47eb6934c39f19379fcf0ec 2c65e217804431e380651ce713d311bd5b5a5fb81cebc58392505cb35c854cdc Loading...

	ipfs.fleek.co/ipfs/bafybeiaurtz7lxjwalai6xynmedk4ftgm3rbb6qcvbjf2fphpkp6fv47xq?_kx=GlC_I23qMSIy4FXD7ir93PnTdcPkVVA3WcvLNg8FilI%3D.ShAQqT	5.7 kB	2023-03-09	2023-04-06
Pretty URL ipfs.fleek.co/ipfs/bafybeiaurtz7lxjwalai6xynmedk4ftgm3rbb6qcvbjf2fphpkp6fv47xq?_kx=GlC_I23qMSIy4FXD7ir93PnTdcPkVVA3WcvLNg8FilI%3D.ShAQqT IP 104.17.64.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:11:27 Last Seen2023-04-06 18:53:00 Times Seen4 Hash 5f242f717164440ce01f6b3f40ae63da 96a34bab71ef59e463fba787d1ba9e229a17c174 389f7effaa917316798e00654038a1211454e6ae5b210b21eaffa87cec1f6521 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	19 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 22:55:05 Times Seen111975 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-04-26
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 22:55:05 Times Seen137276 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

HTTP Transactions (44)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2242
Expires: Mon, 21 Nov 2022 18:19:16 GMT
Date: Mon, 21 Nov 2022 17:41:54 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4843de3bf95411e6aa89834def44bb86
1f1882351ac63fba73a22014382f69df5e02ec96
1e6ed1df02f8fa6c89ddca66f7c9981f8a06127d7ec90b503703137e823bb4b7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3988
Cache-Control: max-age=150951
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 17:41:54 GMT
Etag: "637b5375-1d7"
Expires: Wed, 23 Nov 2022 11:37:45 GMT
Last-Modified: Mon, 21 Nov 2022 10:31:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1cee7787feebac18f9eca273e56e3741
3a7dac544172921e24c2a1701beef5079b21d01b
79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20302
Expires: Mon, 21 Nov 2022 23:20:16 GMT
Date: Mon, 21 Nov 2022 17:41:54 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 21 Nov 2022 17:09:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1958
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: O/aW3G01Me/WR0+nktHu4co35pf3+hqezCpwY+kopUhv0DzQqns1UcitqX6WpseMXeGfy6O3GYS9ba6af6GYHQ==
x-amz-request-id: X4D8SC9FMPYA31NJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 21 Nov 2022 17:39:14 GMT
age: 160
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 17:41:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

trk.klclick3.com/ls/click?upn=fciypmZWF8msewCdXiaaNKTJggvPk5rHq7bI7kBdAJP7bkv0WpKJWy40OjP1i50YYIsvO2SfSgnpq-2FmjVcN4gkZnmnfHD4nONis3n7Pv2E5crfVfbX7HKAkRGHPMXOXzPBqPzg5c7Dv4rl4aO8FzFEnLQrZUGWMlD9OYfIMJ0MlhArGO1Y3dOwOOU6ZIZ2YZThuraRakbBW44kF3kUkJ3g-3D-3DuHKB_Qbpndk7KtLbtG-2BmoTUqO9gzQANsa7RUQHL1-2Bp-2B1NH-2FH7oezR9sPu5yN66gT31DCZ51vCWnmNSPiVPsBjDSXYTpd0p3qZR8WkBFdDO6WJ-2B8rZanwDQ-2FQaf6J9e26QFZ79Gs8AM5m1iS1sppwFLKLquUhpl2Yz4m2KACaivLNnefIKVsuAlkGFP76vADOkygdjBzg3Ahz5gIhW6Uqb9vCyDD09Q9NdQI-2FkX-2BtjKSHlM7rdLRkxv1OxvEUzNn4HOPRKmDKjZpBPZ3hVHDaa2SsacMAqpr5N8tdWXWGQRNlXdyOGAsIHbwSLKrnEGWKtb6W7I389nTWc8Jlabv1KPhGPQSrRTENuzneQSGYJpWqNj6iywROAknB5ByRhwJL0wogJR3IC9Z7dWV-2BVBCYR9g1jreT5HMpXum7TCDlqNFgVCKs-3D

54.230.111.95

302 Found

167 B

URL HTTP/2
trk.klclick3.com/ls/click?upn=fciypmZWF8msewCdXiaaNKTJggvPk5rHq7bI7kBdAJP7bkv0WpKJWy40OjP1i50YYIsvO2SfSgnpq-2FmjVcN4gkZnmnfHD4nONis3n7Pv2E5crfVfbX7HKAkRGHPMXOXzPBqPzg5c7Dv4rl4aO8FzFEnLQrZUGWMlD9OYfIMJ0MlhArGO1Y3dOwOOU6ZIZ2YZThuraRakbBW44kF3kUkJ3g-3D-3DuHKB_Qbpndk7KtLbtG-2BmoTUqO9gzQANsa7RUQHL1-2Bp-2B1NH-2FH7oezR9sPu5yN66gT31DCZ51vCWnmNSPiVPsBjDSXYTpd0p3qZR8WkBFdDO6WJ-2B8rZanwDQ-2FQaf6J9e26QFZ79Gs8AM5m1iS1sppwFLKLquUhpl2Yz4m2KACaivLNnefIKVsuAlkGFP76vADOkygdjBzg3Ahz5gIhW6Uqb9vCyDD09Q9NdQI-2FkX-2BtjKSHlM7rdLRkxv1OxvEUzNn4HOPRKmDKjZpBPZ3hVHDaa2SsacMAqpr5N8tdWXWGQRNlXdyOGAsIHbwSLKrnEGWKtb6W7I389nTWc8Jlabv1KPhGPQSrRTENuzneQSGYJpWqNj6iywROAknB5ByRhwJL0wogJR3IC9Z7dWV-2BVBCYR9g1jreT5HMpXum7TCDlqNFgVCKs-3D
IP
54.230.111.95:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text
Size
167 B (167 bytes)
Hash
0425d870ce820becf22fc0187e1ae486
c1b524f346fe5e781b1b64a1e07ab87b406cc14d
403b1064afd130017d19e4b1f0dd28163cf5bf0c2308c2844878954ab86ac647

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /ls/click?upn=fciypmZWF8msewCdXiaaNKTJggvPk5rHq7bI7kBdAJP7bkv0WpKJWy40OjP1i50YYIsvO2SfSgnpq-2FmjVcN4gkZnmnfHD4nONis3n7Pv2E5crfVfbX7HKAkRGHPMXOXzPBqPzg5c7Dv4rl4aO8FzFEnLQrZUGWMlD9OYfIMJ0MlhArGO1Y3dOwOOU6ZIZ2YZThuraRakbBW44kF3kUkJ3g-3D-3DuHKB_Qbpndk7KtLbtG-2BmoTUqO9gzQANsa7RUQHL1-2Bp-2B1NH-2FH7oezR9sPu5yN66gT31DCZ51vCWnmNSPiVPsBjDSXYTpd0p3qZR8WkBFdDO6WJ-2B8rZanwDQ-2FQaf6J9e26QFZ79Gs8AM5m1iS1sppwFLKLquUhpl2Yz4m2KACaivLNnefIKVsuAlkGFP76vADOkygdjBzg3Ahz5gIhW6Uqb9vCyDD09Q9NdQI-2FkX-2BtjKSHlM7rdLRkxv1OxvEUzNn4HOPRKmDKjZpBPZ3hVHDaa2SsacMAqpr5N8tdWXWGQRNlXdyOGAsIHbwSLKrnEGWKtb6W7I389nTWc8Jlabv1KPhGPQSrRTENuzneQSGYJpWqNj6iywROAknB5ByRhwJL0wogJR3IC9Z7dWV-2BVBCYR9g1jreT5HMpXum7TCDlqNFgVCKs-3D HTTP/1.1
Host: trk.klclick3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 167
location: https://ipfs.fleek.co/ipfs/bafybeiaurtz7lxjwalai6xynmedk4ftgm3rbb6qcvbjf2fphpkp6fv47xq?_kx=GlC_I23qMSIy4FXD7ir93PnTdcPkVVA3WcvLNg8FilI%3D.ShAQqT
server: nginx
date: Mon, 21 Nov 2022 17:41:54 GMT
x-robots-tag: noindex, nofollow
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ubT0G6GUAV2DYcJxiwFtzosP4nZpiujTl5Z3IdPO0n9JzhJ5wMkEZQ==
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
464e444e2454a25a490abe1aad9a7c62
1d9b5f3a3be6e6741776fbf4c75897d774443dab
0f2e649ef54c73c38389a5e2ecf14d84e1d661779177cb7d485194ebd58b0875

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=154518
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 17:41:54 GMT
Etag: "637b70f8-118"
Expires: Wed, 23 Nov 2022 12:37:12 GMT
Last-Modified: Mon, 21 Nov 2022 12:37:12 GMT
Server: nginx
Content-Length: 280

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 21 Nov 2022 17:08:53 GMT
cache-control: public,max-age=3600
age: 1981
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2db0ebb9efcf3be3c92f23b61de5c065
dd830565723f18a7944c26d24b0fb142d06a71a5
8615316184c4d1d64db923a5364363bbb3d25e146a042c5fbd5bf0cfcec8effb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5859
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 17:41:55 GMT
Last-Modified: Mon, 21 Nov 2022 16:04:16 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.41.252.32

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.252.32:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HuIId1DEM7vDe8IqFj7Ftg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 74Pa42fiY3yPD9fOQ3HAAByk4c4=

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
1cd8cd0a55a4b3c0e81cc8e75a183a47
9fdbac0a9f847daadd72365ef76687a0d1be7895
55f8cd871843dfbcb69e9755159c0b63abfba7ec9e6c7d94ef643cd726d66e97

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4429
Cache-Control: max-age=138794
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 17:41:55 GMT
Etag: "637b2240-116"
Expires: Wed, 23 Nov 2022 08:15:09 GMT
Last-Modified: Mon, 21 Nov 2022 07:01:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
1cd8cd0a55a4b3c0e81cc8e75a183a47
9fdbac0a9f847daadd72365ef76687a0d1be7895
55f8cd871843dfbcb69e9755159c0b63abfba7ec9e6c7d94ef643cd726d66e97

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4429
Cache-Control: max-age=138794
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 17:41:55 GMT
Etag: "637b2240-116"
Expires: Wed, 23 Nov 2022 08:15:09 GMT
Last-Modified: Mon, 21 Nov 2022 07:01:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

104.17.25.14

200 OK

5.9 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
troff or preprocessor input, ASCII text, with very long lines (372)
Size
5.9 kB (5884 bytes)
Hash
aa712f2a9ab349290ddbc871138b13ba
2be3765114dbce70c84786dd7d2838c7edce486c
84dce905b67560d91a9993771337d6e5946c7f1e502b5bf06fb0ef6d34b97b57

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 17:41:55 GMT
content-type: text/css; charset=utf-8
content-length: 5884
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-9226"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 508258
expires: Sat, 11 Nov 2023 17:41:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPRaFpBDrlirWM%2BuOInPmStVl3Jlt%2F%2BTyRgpgOM6ZVR7BFdo9FxmyW%2FhZn%2F4R69lv908DVn%2B3c2PE%2FJu3MfIvL1P0w3ci6mnDfrTeX16IXMk8owe3y%2B%2FYzu1D94M5yi8oTwFGaWt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76db38100e9eb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.25.14

200 OK

6.2 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19015)
Size
6.2 kB (6157 bytes)
Hash
7b4114faa411d059a9a5ac4b5b4d9dee
277da4486916fa3a4ab3375f47bc98f58dbf90f6
60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 17:41:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 865058
expires: Sat, 11 Nov 2023 17:41:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2JMsyKCtZsG9lnfp2%2FMsqVYcqvs7ku7pcdQnHqXzkfAXt2yvqhS%2FAS43bE1ouJXd3P%2FRgzxOvmleSfqz4BTsCEZhNn79FWhC0BJdvAyD7wI17cvqWGBx61dghufqzrybtk4XNVs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76db38103a46fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
1cd8cd0a55a4b3c0e81cc8e75a183a47
9fdbac0a9f847daadd72365ef76687a0d1be7895
55f8cd871843dfbcb69e9755159c0b63abfba7ec9e6c7d94ef643cd726d66e97

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4790
Cache-Control: max-age=139155
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 17:41:55 GMT
Etag: "637b2240-116"
Expires: Wed, 23 Nov 2022 08:21:10 GMT
Last-Modified: Mon, 21 Nov 2022 07:01:20 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b80eb50d051e581c09b26fe16b8c3ff
55db03df2658ec3a874d38398c6229a78e5f8e45
e67b2ff0c2a748aab475964ce6dbbc6a4b7519516884ff57a783a17ec00dceff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E67B2FF0C2A748AAB475964CE6DBBC6A4B7519516884FF57A783A17EC00DCEFF"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3393
Expires: Mon, 21 Nov 2022 18:38:28 GMT
Date: Mon, 21 Nov 2022 17:41:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b80eb50d051e581c09b26fe16b8c3ff
55db03df2658ec3a874d38398c6229a78e5f8e45
e67b2ff0c2a748aab475964ce6dbbc6a4b7519516884ff57a783a17ec00dceff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E67B2FF0C2A748AAB475964CE6DBBC6A4B7519516884FF57A783A17EC00DCEFF"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3393
Expires: Mon, 21 Nov 2022 18:38:28 GMT
Date: Mon, 21 Nov 2022 17:41:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b80eb50d051e581c09b26fe16b8c3ff
55db03df2658ec3a874d38398c6229a78e5f8e45
e67b2ff0c2a748aab475964ce6dbbc6a4b7519516884ff57a783a17ec00dceff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E67B2FF0C2A748AAB475964CE6DBBC6A4B7519516884FF57A783A17EC00DCEFF"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3393
Expires: Mon, 21 Nov 2022 18:38:28 GMT
Date: Mon, 21 Nov 2022 17:41:55 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8796b1bba5e0df458c07179adea64173
b3c3f64718de099805a200e156774ea356a08132
ae32033094ed99df37e4537b91ec3d52a8fd2f0d2f538e3c81901e1f9c29a0a2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 17:41:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
1cd8cd0a55a4b3c0e81cc8e75a183a47
9fdbac0a9f847daadd72365ef76687a0d1be7895
55f8cd871843dfbcb69e9755159c0b63abfba7ec9e6c7d94ef643cd726d66e97

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4429
Cache-Control: max-age=138794
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 17:41:55 GMT
Etag: "637b2240-116"
Expires: Wed, 23 Nov 2022 08:15:09 GMT
Last-Modified: Mon, 21 Nov 2022 07:01:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278

code.jquery.com/jquery-3.2.1.slim.min.js

69.16.175.42

200 OK

24 kB

URL HTTP/2
code.jquery.com/jquery-3.2.1.slim.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
30f5157a965bc792a83e9bacfe265f03
8330886371fe27f3cbac509e0ac9712207574c66
4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 17:41:55 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669052515.dop065.sk1.t,1669052515.cds020.sk1.hn,1669052515.cds235.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8796b1bba5e0df458c07179adea64173
b3c3f64718de099805a200e156774ea356a08132
ae32033094ed99df37e4537b91ec3d52a8fd2f0d2f538e3c81901e1f9c29a0a2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 17:41:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
1cd8cd0a55a4b3c0e81cc8e75a183a47
9fdbac0a9f847daadd72365ef76687a0d1be7895
55f8cd871843dfbcb69e9755159c0b63abfba7ec9e6c7d94ef643cd726d66e97

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4429
Cache-Control: max-age=138794
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 17:41:55 GMT
Etag: "637b2240-116"
Expires: Wed, 23 Nov 2022 08:15:09 GMT
Last-Modified: Mon, 21 Nov 2022 07:01:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.42

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 03:25:05 GMT
expires: Sat, 18 Nov 2023 03:25:05 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 310610
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.42

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
6d973c8b7e2439d958e09c0a1ab9fe50
05ae0830200c20b9a2dfd5a825adc400481a60fb
f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 14:18:58 GMT
expires: Wed, 15 Nov 2023 14:18:58 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 530577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

images.benchmarkemail.com/client1227621/image9952302.png

163.171.134.109

200 OK

2.7 kB

URL HTTP/1.1
images.benchmarkemail.com/client1227621/image9952302.png
IP
163.171.134.109:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 128 x 108, 8-bit/color RGBA, non-interlaced\012- data
Size
2.7 kB (2712 bytes)
Hash
5cc36ae99d31d6e368596c1077715145
a7bfeddb2d84961b69f91c1407a3e940ba989e7a
4f2bf2a799bf8d1437675581a81dc5c9ca2d02db84101b682324f2accebae4a2

HTTP Headers

GET /client1227621/image9952302.png HTTP/1.1
Host: images.benchmarkemail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 17:41:55 GMT
Content-Type: image/png
Content-Length: 2712
Connection: keep-alive
Server: PWS/8.3.1.0.8
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Age: 517182
Via: 1.1 google, 1.1 PS-YUL-01gBp94:6 (W), 1.1 PSdgflkfFRA1ox201:9 (W), 1.1 PS-ARN-016FX94:22 (W)
X-Px: ht PS-ARN-016FX94ARN
X-Ws-Request-Id: 637bb863_PS-ARN-016FX94_36620-45297
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD
Cache-Control: max-age=604812

images.benchmarkemail.com/client1227621/image9952309.png

163.171.134.109

200 OK

1.1 kB

URL HTTP/1.1
images.benchmarkemail.com/client1227621/image9952309.png
IP
163.171.134.109:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 69 x 55, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1059 bytes)
Hash
38cdf1a0f0219db30a7756696072222c
09371287f37b748aeb93f9e2b24fcdeb86d5ffa2
2ed245496ce8959ae09061f98017b8cb9a259442e57fd37606d9d349c97b769a

HTTP Headers

GET /client1227621/image9952309.png HTTP/1.1
Host: images.benchmarkemail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 17:41:55 GMT
Content-Type: image/png
Content-Length: 1059
Connection: keep-alive
Server: PWS/8.3.1.0.8
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Age: 517181
Via: 1.1 google, 1.1 hx171:0 (W), 1.1 PShlamstdAMS1bm110:7 (W), 1.1 PS-ARN-01C8L93:5 (W)
X-Px: ht PS-ARN-01C8L93ARN
X-Ws-Request-Id: 637bb863_PS-ARN-016FX94_43526-23178
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD
Cache-Control: max-age=604812

images.benchmarkemail.com/client1227621/image9952320.png

163.171.134.109

200 OK

1.5 kB

URL HTTP/1.1
images.benchmarkemail.com/client1227621/image9952320.png
IP
163.171.134.109:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1541 bytes)
Hash
76e7508213e72dfb76c1049cb1662da9
27879b93cac6da72fe348933f25b5f0383945a17
c4d298a54b0d4437ee3aec09c9759838765d15683c9c05e860fc1fd2a5d02c8f

HTTP Headers

GET /client1227621/image9952320.png HTTP/1.1
Host: images.benchmarkemail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 17:41:55 GMT
Content-Type: image/png
Content-Length: 1541
Connection: keep-alive
Server: PWS/8.3.1.0.8
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Age: 459800
Via: 1.1 google, 1.1 hx172:1 (W), 1.1 PShlamstdAMS1bm110:10 (W), 1.1 PS-ARN-01C8L93:13 (W)
X-Px: ht PS-ARN-01C8L93ARN
X-Ws-Request-Id: 637bb863_PS-ARN-01C8L93_41470-55622
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD
Cache-Control: max-age=604812

images.benchmarkemail.com/client1227621/image9952317.png

163.171.134.109

200 OK

10 kB

URL HTTP/1.1
images.benchmarkemail.com/client1227621/image9952317.png
IP
163.171.134.109:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 300 x 76, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10512 bytes)
Hash
b239bfbd2fb7ebf2c863daf763a16e48
1943b084951c0c87b7fbe1fc4f1c56ab8ddf4901
db081bd7382b0945eb64402ebfcdd7a41a213c08e7e172fb1f4a676cb3dd7a53

HTTP Headers

GET /client1227621/image9952317.png HTTP/1.1
Host: images.benchmarkemail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 17:41:55 GMT
Content-Type: image/png
Content-Length: 10512
Connection: keep-alive
Server: PWS/8.3.1.0.8
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Age: 459800
Via: 1.1 google, 1.1 hx172:7 (W), 1.1 PSdgflkfFRA1bc200:0 (W), 1.1 PS-ARN-01C8L93:3 (W)
X-Px: ht PS-ARN-01C8L93ARN
X-Ws-Request-Id: 637bb863_PS-ARN-016FX94_36620-45298
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD
Cache-Control: max-age=604812

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8796b1bba5e0df458c07179adea64173
b3c3f64718de099805a200e156774ea356a08132
ae32033094ed99df37e4537b91ec3d52a8fd2f0d2f538e3c81901e1f9c29a0a2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 17:41:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

images.benchmarkemail.com/client1227621/image9952284.png

163.171.134.109

200 OK

1.5 kB

URL HTTP/1.1
images.benchmarkemail.com/client1227621/image9952284.png
IP
163.171.134.109:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 10 x 879, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1534 bytes)
Hash
d67d58dd5ef45556bf67d004c99466c9
2e7ec1e121865832ea96511620c0d5091b43f06b
2dafb4a88395393877aae77a1546570bd8bf7869a3dd9da75c0c0f80afa36d3d

HTTP Headers

GET /client1227621/image9952284.png HTTP/1.1
Host: images.benchmarkemail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 17:41:56 GMT
Content-Type: image/png
Content-Length: 1534
Connection: keep-alive
Server: PWS/8.3.1.0.8
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Age: 200369
Via: 1.1 google, 1.1 PS-YUL-01SRZ95:1 (W), 1.1 PShlamstdAMS1mi112:2 (W), 1.1 PS-ARN-016FX94:5 (W)
X-Px: ht PS-ARN-016FX94ARN
X-Ws-Request-Id: 637bb864_PS-ARN-016FX94_36620-45299
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD
Cache-Control: max-age=604812

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4717
Expires: Mon, 21 Nov 2022 19:00:33 GMT
Date: Mon, 21 Nov 2022 17:41:56 GMT
Connection: keep-alive

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

104.18.10.207

200 OK

21 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65371)
Size
21 kB (20749 bytes)
Hash
f2afe6a7e5cff13e61bb881fa37c8ac0
8a63f7180567a71af0ff8db8cbcacabe2d13b75a
2bdb579198912a552570036d42336f2d2403a372379831d598367e08e1aaac94

HTTP Headers

GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 17:41:55 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-04-23 06:29:02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6a91d2c867066733b6d92a7a528c5c2e
cdn-cache: HIT
cf-cache-status: HIT
age: 17162852
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76db381039a40b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4717
Expires: Mon, 21 Nov 2022 19:00:33 GMT
Date: Mon, 21 Nov 2022 17:41:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11249 bytes)
Hash
481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: s1153EpshSWYGLcN7Zzzs4PgXl9cddZ20gTwh5bK2HOBu4e_PSNCpQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 05:19:29 GMT
age: 44547
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308504cf-ed6b-4fb8-bc67-4165549bba4e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7996 bytes)
Hash
131cae0245e456c2497833b48cc1be0e
01b7bf2cfcdac73911dbd0a570d262978a43daf1
539cc2fdefb049df026b18d450c56d85b7821b8723ea0070efa460096669576e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308504cf-ed6b-4fb8-bc67-4165549bba4e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7996
x-amzn-requestid: af3a6545-f0ad-40de-b1f6-56b9607242f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1BvREKZoAMFzDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63784994-2659c8ec5fc04c510ea0e643;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 03:12:20 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: UU9m-kzHM4oKCHNiK2q4NWftsCueXeiBpJkk0cDv3et4v3MpF6eCtQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 04:04:43 GMT
age: 49033
etag: "01b7bf2cfcdac73911dbd0a570d262978a43daf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F645dc32f-cd66-4021-92e9-77c4eff2fa1f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (5045 bytes)
Hash
96135f96986369533c0362367c1e6fd8
bc8b0612b79cb30817880fac9728318f837854b4
f4eab133baf21daae8b809966e8ffbe64a2414fd334538a226a2a39ab39c3d46

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F645dc32f-cd66-4021-92e9-77c4eff2fa1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5045
x-amzn-requestid: 93295168-385b-4b26-92e0-65858db59541
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0PgfGfVoAMFjWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377f936-7d3d9e44191051f454bd53ca;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:29:26 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hYkfj6mcRyzHioX7RAjvhpITDBX_CXLhum92tHz6ilGAY2C0fNi48g==
via: 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 08:37:09 GMT
age: 32687
etag: "bc8b0612b79cb30817880fac9728318f837854b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff64f225f-d92d-42e1-a0cd-0b9c89e36291.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9042 bytes)
Hash
4a8070a1aa0d48b75c639fa24eec3d96
14a81b4e2bdcdcdd951aa6660dc640c0292a2109
70b29ce3872a0c46d8d0e61f2801df1a98c8ea6e516adb1c2fe1bdad35f654f6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff64f225f-d92d-42e1-a0cd-0b9c89e36291.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9042
x-amzn-requestid: 02203d7e-e15a-40d8-a09e-c40299c6f332
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bu2bSH6xoAMF1FA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375d114-79f15fbc1c64941e54c6d5e3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 06:13:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YHoIX9fgjqNaOq_84IdURDMNigg62C8616_qky56Xx7ok4LJvvqEfw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 12:54:30 GMT
age: 17246
etag: "14a81b4e2bdcdcdd951aa6660dc640c0292a2109"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.10.207

200 OK

23 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (48664)
Size
23 kB (23182 bytes)
Hash
b54d64febd48e5e312ae93e9f10ea526
ccef022511a06add7b06cfce2e895b7cffbe95d5
4a770c5a0a60d9a91f00ab79884c306cb708f39595c66a8f774709e0d14cfa45

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipfs.fleek.co
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 17:41:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/10/2022 17:24:53
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 9112cdfe1e798677d8162c8f3d8d3a77
cdn-cache: HIT
cf-cache-status: HIT
age: 1883870
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76db38106999b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5342 bytes)
Hash
a9e0f5c07511d0f6ad0f2441db92797d
2dcc6187d7173ce741975ad4ec24435c9dcb0880
3c57bf58bab9d54dd152eb0260a203b1cb201a9e2d960f25a0cea685b539ea04

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5342
x-amzn-requestid: e396cea4-ddae-4b88-a73a-ceafb1e11620
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0b91EMLoAMFYYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63780d25-7f1187713f288a0c158508ea;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 22:54:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: PkFAourr7ixQ5NYcdMugerMxFTdCLgIAaBz6erANuppgzE2Tm4yVpA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 22:34:27 GMT
age: 68849
etag: "2dcc6187d7173ce741975ad4ec24435c9dcb0880"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

mail.cratex.com/owa/auth/15.1.1466/themes/resources/favicon.ico

72.198.189.194

404 Not Found

0 B

URL HTTP/2
mail.cratex.com/owa/auth/15.1.1466/themes/resources/favicon.ico
IP
72.198.189.194:0
ASN
#22773 ASN-CXA-ALL-CCI-22773-RDC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /owa/auth/15.1.1466/themes/resources/favicon.ico HTTP/1.1
Host: mail.cratex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
server: Microsoft-IIS/10.0
request-id: d3cff573-6c7d-447d-9888-1dc3300c307a
x-powered-by: ASP.NET
date: Mon, 21 Nov 2022 17:35:47 GMT
content-length: 0
X-Firefox-Spdy: h2

ipfs.fleek.co/ipfs/bafybeiaurtz7lxjwalai6xynmedk4ftgm3rbb6qcvbjf2fphpkp6fv47xq?_kx=GlC_I23qMSIy4FXD7ir93PnTdcPkVVA3WcvLNg8FilI%3D.ShAQqT

104.17.64.14

200 OK

0 B

URL HTTP/2
ipfs.fleek.co/ipfs/bafybeiaurtz7lxjwalai6xynmedk4ftgm3rbb6qcvbjf2fphpkp6fv47xq?_kx=GlC_I23qMSIy4FXD7ir93PnTdcPkVVA3WcvLNg8FilI%3D.ShAQqT
IP
104.17.64.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ipfs/bafybeiaurtz7lxjwalai6xynmedk4ftgm3rbb6qcvbjf2fphpkp6fv47xq?_kx=GlC_I23qMSIy4FXD7ir93PnTdcPkVVA3WcvLNg8FilI%3D.ShAQqT HTTP/1.1
Host: ipfs.fleek.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __utma=155905004.1468018235.1653591318.1653591318.1653591318.1; __utmz=155905004.1653591318.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); intercom-id-k1pm16x3=4dd3663d-9110-458c-8b62-23c955bfa0e0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 21 Nov 2022 17:41:55 GMT
content-type: text/html
cf-ray: 76db380a0c470af6-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeiaurtz7lxjwalai6xynmedk4ftgm3rbb6qcvbjf2fphpkp6fv47xq"
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeiaurtz7lxjwalai6xynmedk4ftgm3rbb6qcvbjf2fphpkp6fv47xq
x-ipfs-root: bafybeiaurtz7lxjwalai6xynmedk4ftgm3rbb6qcvbjf2fphpkp6fv47xq
x-ipfs-roots: bafybeiaurtz7lxjwalai6xynmedk4ftgm3rbb6qcvbjf2fphpkp6fv47xq
set-cookie: __cf_bm=1TMqpz3VOrIXG.Y6yNSln4p_aYGQ2weZMbXQuqCzUX8-1669052515-0-Aa4uI+obajOR5Fpr5XJFzf6IHwi2VeuOZqSc5PN3mc0mU+qPWbo0zcIkesqP0j+foftjKDKrCnYIEz6CDJRH464=; path=/; expires=Mon, 21-Nov-22 18:11:55 GMT; domain=.ipfs.fleek.co; HttpOnly; Secure; SameSite=None
cloudflare-web3-deprecation: This hostname will be deprecated on January 15th, 2023. If you are the site administrator, please refer to https://developers.cloudflare.com/web3/reference/migration-guide
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ipfs.fleek.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 17:41:55 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 14499269
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76db381069dd0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations