Report - s3.amazonaws.com/te49rb1dge49zs/te49rb1dge49zs.html#qs=r-ahdiiacbgdjcgcbfafgedkjhakjcfhfgafehdhabababahkadfkaccaccddadccfacfeebdacb

Report Overview

Submitted URL
s3.amazonaws.com/te49rb1dge49zs/te49rb1dge49zs.html#qs=r-ahdiiacbgdjcgcbfafgedkjhakjcfhfgafehdhabababahkadfkaccaccddadccfacfeebdacb
IP
52.217.232.16
ASN
#16509 AMAZON-02
Submitted
2022-09-04 19:59:46
Access
public
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-17T05:09:38Z	823 B	570 B	216.239.32.36
speedtrkgood.com	unknown	2021-02-12T20:18:55Z	2023-03-14T00:02:17Z	606 B	1.2 kB	18.232.203.164
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-17T08:44:25Z	377 B	39 kB	142.250.74.72
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-17T08:37:51Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-17T05:10:36Z	594 B	127 B	34.210.39.83
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-17T05:10:24Z	690 B	3.8 kB	104.18.20.226
ddggpro.com	unknown	2021-11-22T17:24:37Z	2023-03-01T13:30:59Z	556 B	709 B	34.224.181.209
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-17T09:12:35Z	448 B	2.0 kB	142.250.74.10
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-17T05:10:36Z	401 B	5.8 kB	143.204.55.25
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	3.0 kB	8.3 kB	54.230.245.100
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-17T05:09:15Z	3.2 kB	67 kB	34.120.237.76
www.lejeunelawsuits.com	unknown	2022-07-16T14:06:13Z	2023-03-15T08:07:25Z	6.0 kB	240 kB	143.204.55.110
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-17T05:09:22Z	2.3 kB	4.9 kB	142.250.74.3
sdk.helixbi.io	156586	2018-02-27T20:44:37Z	2023-03-12T20:02:05Z	1.1 kB	88 kB	143.204.55.87
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-17T06:30:00Z	486 B	41 kB	142.250.74.163
gw.helixbi.io	128425	2018-02-27T20:44:38Z	2023-03-12T20:02:06Z	848 B	312 B	44.241.18.46
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-17T05:09:02Z	2.0 kB	5.3 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-17T05:10:35Z	321 B	229 B	34.117.237.239
cycleladypalms.com	unknown			417 B	363 B	15.235.131.136
api.trustedform.com	23021	2012-10-29T06:30:13Z	2023-03-17T06:15:21Z	1.4 kB	1.5 kB	3.230.219.164
s3.us-west-2.amazonaws.com	2706	2017-11-13T13:12:52Z	2023-03-17T10:12:00Z	454 B	466 B	52.218.236.16
cdn.trustedform.com	24659	2020-08-27T01:38:48Z	2023-03-16T20:11:49Z	833 B	1.0 kB	54.230.111.111
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-17T05:09:04Z	758 B	2.7 kB	143.204.55.27
s3.amazonaws.com	unknown	2020-05-13T22:53:44Z	2023-03-17T00:16:57Z	468 B	460 B	54.231.193.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-04	medium	www.lejeunelawsuits.com/1step/lpd01/bundle.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16623215752960.7153858279265293	8.1 kB	2023-03-07	2023-03-17
Pretty URL api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16623215752960.7153858279265293 IP 3.230.219.164 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-03-17 12:38:12 Times Seen1 Hash 97d91c9803cec4e7981c0f415c2c1923 ed508735ac5818f50c57414d11efd642708e54de 607020848525f662633b5a3d9c7826462e6dab9b39967e0ee572c91a83f7f9b1 Loading...

	cdn.trustedform.com/trustedform-1.8.27.js	101 kB	2023-03-07	2023-03-17
Pretty URL cdn.trustedform.com/trustedform-1.8.27.js IP 54.230.111.111 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-03-17 12:38:12 Times Seen1 Hash 2f557edcc84fd346c897a4d565e57ac0 b0d9e3bb1be35693c8fa4fbeb1fba3d74df3f651 67a63477cbc6cfaa632e9b56ba4c8a247f34504534b58705906f36a1627c2458 Loading...

	s3.amazonaws.com/te49rb1dge49zs/te49rb1dge49zs.html#qs=r-ahdiiacbgdjcgcbfafgedkjhakjcfhfgafehdhabababahkadfkaccaccddadccfacfeebdacb	89 B	2023-03-17	2023-03-17
Pretty URL s3.amazonaws.com/te49rb1dge49zs/te49rb1dge49zs.html#qs=r-ahdiiacbgdjcgcbfafgedkjhakjcfhfgafehdhabababahkadfkaccaccddadccfacfeebdacb IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 10:41:10 Last Seen2023-03-17 10:41:10 Times Seen1 Hash 71a353575944ae15ba3ca1f64060a776 b59fffdfa0a4313dd7e98b3a64bb065c4e031eb1 2861ef562f4f1e72e7022ba8893370baab30c51d6f6f37a4d551792522e213bc Loading...

	www.lejeunelawsuits.com/1step/lpd01/bundle.js	98 kB	2023-03-07	2023-03-17
Pretty URL www.lejeunelawsuits.com/1step/lpd01/bundle.js IP 143.204.55.110 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:16 Last Seen2023-03-17 10:41:10 Times Seen1 Hash 38f8ebe118f41d522df14744389155a6 14b4913931f8d17564a21807d75612611c9dcf9c 6a66f1e508ffdb33e4ca45cadb9df8c257dfd8db55721983045fe90f0b169833 Loading...

	sdk.helixbi.io/bltable.js	65 kB	2023-03-07	2023-03-17
Pretty URL sdk.helixbi.io/bltable.js IP 143.204.55.87 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:17 Last Seen2023-03-17 10:41:10 Times Seen1 Hash 4ef0931a84745050dc9ce973340911cc b376fe14717e56bc349d9bb63afa8f7311515feb c0b4fc6bd9029a4baa5d66b216c5d4d06c2bff0d1d56f4403e431656211006a3 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-T2CBVN9	98 kB	2023-03-17	2023-03-17
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-T2CBVN9 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 10:41:10 Last Seen2023-03-17 10:41:10 Times Seen1 Hash 914a7980a0f0bce016c06647ab615807 dc3da6de3c9c2ebb1b6bf7b1198ffbce057c812a 42e11144f5bf51837cc7acadb8be3bc2630d7a15247a87b643aad15c3d584c28 Loading...

	sdk.helixbi.io/helixlead.js	5.4 kB	2023-03-07	2023-03-17
Pretty URL sdk.helixbi.io/helixlead.js IP 143.204.55.87 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:16 Last Seen2023-03-17 10:41:10 Times Seen1 Hash b3c9eca5f6d38f65ee802bd80e43b981 8d4c85f85fd5642e0381e95d471cc2968298b4e6 bd1f220e6edc24a22f3c6609f8474884a64a83fcafe18e15eafac29040e15607 Loading...

	www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178	295 B	2023-03-07	2023-03-17
Pretty URL www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178 IP 143.204.55.110 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:16 Last Seen2023-03-17 10:41:10 Times Seen1 Hash 7250a54dfa5250bb4e74aa88584a4738 179ab7d45e7d846eced10e736d0bd1f692e0e73f 4b2aa23fcddbcfa184166d4fca2446d47ccf7985a11a4bad7961f7b3f8d6b48e Loading...

	sdk.helixbi.io/cd.js?ct_a=100776&ct_u=5560324DE9F28F1F7724FCE536762D5D	16 kB	2023-03-07	2023-09-21
Pretty URL sdk.helixbi.io/cd.js?ct_a=100776&ct_u=5560324DE9F28F1F7724FCE536762D5D IP 143.204.55.87 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:16 Last Seen2023-09-21 17:43:36 Times Seen7 Hash fc0b3a91ad17eca1f1af0dea86fbb192 224e357efcb29d52ed1423101be1223f1080215c ff256f499b91c4ad86b6e387d8ef7f8917bb2c9b9387bbc01eae5ff14e1d14e1 Loading...

	www.googletagmanager.com/gtag/js?id=G-FPS8WV0V59&l=dataLayer&cx=c	211 kB	2023-03-17	2023-03-17
Pretty URL www.googletagmanager.com/gtag/js?id=G-FPS8WV0V59&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 10:41:10 Last Seen2023-03-17 10:41:10 Times Seen1 Hash 9273dbe1127c145223b47449dd5662d1 89b3610b16e52b599b811e1e0dfcd13b78337ebe d1ebd4915119f489013ea6c1010bceaa41db5a6e2d400894044eabbfe8f813d9 Loading...

		Size	First Seen	Last Seen
	#1 Eval - e018c77e67a96b7f5440da3c7397e35a	17 B	2023-03-07	2024-04-27
Pretty Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-27 01:54:11 Times Seen10342 Hash e018c77e67a96b7f5440da3c7397e35a a090b0a7035556c7f71070fe10c2e37fa15584c5 5c5bb18e544cb67f765d8a6d2c774838d3ae95df9b62f25660c64554a7302d8e Loading...

HTTP Transactions (63)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 04 Sep 2022 19:44:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: i2L0odVz08ArTnbWrFmqBK0AabGiMmRtTu8tYtAEXcjo2FOydpPGvg==
Age: 916

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2273
Expires: Sun, 04 Sep 2022 20:37:28 GMT
Date: Sun, 04 Sep 2022 19:59:35 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rbDvCFbwzQgisDlkA9x-3G4feXmV-QuD8hg5k7UUt81wZUzSlR_Caw==
age: 67458
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
98a78ce3d1eabb2d783b22383e9b3b93
ddcefc7b3abc5b874f13b6bf2084ce6311207b78
2e915112579ab31550a106d5c60f27c13b73e8a2f0717330a96475a4cc7b789e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:35 GMT
Last-Modified: Sun, 04 Sep 2022 18:45:46 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: V1VRIFAXvI5idTYkPMFpmjJEK32WhlVfKH_jMWBW4HyldwJSAIfXgg==
Age: 4429

s3.amazonaws.com/te49rb1dge49zs/te49rb1dge49zs.html

54.231.193.168

200 OK

106 B

URL HTTP/1.1
s3.amazonaws.com/te49rb1dge49zs/te49rb1dge49zs.html
IP
54.231.193.168:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with no line terminators
Size
106 B (106 bytes)
Hash
8f98d23997acc169a9c0959c4676c13f
16dd81a4373411a1d20b7cb1023628ef03245bb7
059a6e9be7094c855fef743d7a904fee808bcbf59da9b38acb50a1e0fa1ef79b

HTTP Headers

GET /te49rb1dge49zs/te49rb1dge49zs.html HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
x-amz-id-2: y4GiCSDsah6zgxkFfjUhu57WDIPORUpbVhB99GysNck6kjNvb+ysyUFABU1bi6BAU95xyg4+/oQ=
x-amz-request-id: NMNMG1ZNAQ9W9AQP
Date: Sun, 04 Sep 2022 19:59:36 GMT
Last-Modified: Sun, 04 Sep 2022 19:33:21 GMT
ETag: "8f98d23997acc169a9c0959c4676c13f"
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Length: 106

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 19:59:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 04 Sep 2022 19:38:16 GMT
Expires: Sun, 04 Sep 2022 20:06:12 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: W0W6S4wVyy2dAeFDVT2v7JGAWz2IhDHVuoS0F9KFoznNiyLeyGAw1w==
Age: 1280

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
77d035f38a45e8a1ec30d5fe9611880b
01cf34de95257da64dac90edf5a86203f1160271
7dc687d6bb1679ba5567e58b4f8c1e78766e7ee36273ba7f62068c595d57f7f3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5261
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:59:36 GMT
Last-Modified: Sun, 04 Sep 2022 18:31:55 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

cycleladypalms.com/qs=r-ahdiiacbgdjcgcbfafgedkjhakjcfhfgafehdhabababahkadfkaccaccddadccfacfeebdacb

15.235.131.136

302 Found

0 B

URL HTTP/1.1
cycleladypalms.com/qs=r-ahdiiacbgdjcgcbfafgedkjhakjcfhfgafehdhabababahkadfkaccaccddadccfacfeebdacb
IP
15.235.131.136:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /qs=r-ahdiiacbgdjcgcbfafgedkjhakjcfhfgafehdhabababahkadfkaccaccddadccfacfeebdacb HTTP/1.1
Host: cycleladypalms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Sep 2022 19:59:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.33
location: https://ddggpro.com/?E=tUuTPs3iyuv1y5qf3QxhoKxavGm3qme8DbfaF54T%2fx8%3d&s1=43626_9814645_11&s2=6277_1052815104_0_0_0_4532986_69_2114_143302_9814645_10_1122&s3=69

push.services.mozilla.com/

34.210.39.83

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.39.83:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +WJuQi80Bh/G9yYkMmDEcQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 46K5rsHLuJg6p/wPusuWiK+nRnc=

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
91dfc9896d12eca3f667e0bbb52144dd
d973eea9794680f259fa140dbdce24943c1d7839
43783304ee2f80822fb3a9d6c1d13a2b25fe5c2629bf28357278f5e8750ab6bb

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 19:59:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 08 Sep 2022 17:10:49 GMT
ETag: "d973eea9794680f259fa140dbdce24943c1d7839"
Last-Modified: Sun, 04 Sep 2022 17:10:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74594e808d7bb52d-OSL

ddggpro.com/?E=tUuTPs3iyuv1y5qf3QxhoKxavGm3qme8DbfaF54T%2fx8%3d&s1=43626_9814645_11&s2=6277_1052815104_0_0_0_4532986_69_2114_143302_9814645_10_1122&s3=69

34.224.181.209

302 Found

344 B

URL HTTP/1.1
ddggpro.com/?E=tUuTPs3iyuv1y5qf3QxhoKxavGm3qme8DbfaF54T%2fx8%3d&s1=43626_9814645_11&s2=6277_1052815104_0_0_0_4532986_69_2114_143302_9814645_10_1122&s3=69
IP
34.224.181.209:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
344 B (344 bytes)
Hash
1eedbf4e1cfdf4e1323e50e667b205a1
622244b5b4dcdb092484c70c62cb9c6d2a7f6f8c
e59431cc541cc4616acae4879f59a8bd4160057c4c2d3c270e439cf1560f257f

HTTP Headers

GET /?E=tUuTPs3iyuv1y5qf3QxhoKxavGm3qme8DbfaF54T%2fx8%3d&s1=43626_9814645_11&s2=6277_1052815104_0_0_0_4532986_69_2114_143302_9814645_10_1122&s3=69 HTTP/1.1
Host: ddggpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
date: Sun, 04 Sep 2022 19:59:37 GMT
content-type: text/html; charset=utf-8
content-length: 344
cache-control: private
location: https://speedtrkgood.com/?E=tUuTPs3iyuv1y5qf3QxhoKxavGm3qme8DbfaF54T%2fx8%3d&s1=43626_9814645_11&s2=6277_1052815104_0_0_0_4532986_69_2114_143302_9814645_10_1122&s3=69&ckmguid=542a1fc4-57e2-45fa-87c1-bafd204947ec

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
d5917c26e8db58c386b198ad1f2f6e02
16a35ccf98ee5c8219231126df6e53b12f7768b3
6e6a214b85014ad115822b8dda18eb6ac1ba091945e18804fc22ea6b7769b61b

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 19:59:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 08 Sep 2022 19:21:38 GMT
ETag: "16a35ccf98ee5c8219231126df6e53b12f7768b3"
Last-Modified: Sun, 04 Sep 2022 19:21:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74594e841aafb52d-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7597
Expires: Sun, 04 Sep 2022 22:06:14 GMT
Date: Sun, 04 Sep 2022 19:59:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7597
Expires: Sun, 04 Sep 2022 22:06:14 GMT
Date: Sun, 04 Sep 2022 19:59:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7597
Expires: Sun, 04 Sep 2022 22:06:14 GMT
Date: Sun, 04 Sep 2022 19:59:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7597
Expires: Sun, 04 Sep 2022 22:06:14 GMT
Date: Sun, 04 Sep 2022 19:59:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7597
Expires: Sun, 04 Sep 2022 22:06:14 GMT
Date: Sun, 04 Sep 2022 19:59:37 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9690 bytes)
Hash
1bdfdf7e36f78f2f0e4d7ede9fdb76a8
babb88202741bbf2d4fd25e0731a4a7a6fcc28f8
949ea108642789e1014150909060f11d99608f082760d0e868a90282f2768d43

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9690
x-amzn-requestid: 614c99f8-116a-4603-bcde-3fbd5bfa14d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wx1HInIAMFiYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c80b-25c09c3227d72395408782f0;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5_jCLvdAC-XR-ax3RUbbx9275KPwACOPtAMxSbmv-aP-Lra4sC5zvw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:51:41 GMT
age: 79676
etag: "babb88202741bbf2d4fd25e0731a4a7a6fcc28f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5652 bytes)
Hash
10318189f33f071dda64249ab9c8c5bb
e5b5b649a243e5c004d9923d19d4421d1ea96d23
3e775a1990e4d185024faf2fdff7a5eb9063f7ee19784f32fb4f7f10643c8102

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 05fffcb2-43c0-4acf-81b2-1b914459e1e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wwHErUIAMFmNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c800-47fe166763992ab271a87aa4;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oU-qOKW_Jy8MV0HLQWofKsOi_qseUcyZRoP5LoyLsCclpCgf6NHiBA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 22:02:43 GMT
age: 79014
etag: "e5b5b649a243e5c004d9923d19d4421d1ea96d23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8688 bytes)
Hash
6bb4b1d74f1443bc3328301ab3ae6464
2768253dacaaad6cb498c6b2eb7694208b0ce0a6
07dcc95dab7757402998a5a61b540c965ce95c8bd51a814a09438981693b563a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8688
x-amzn-requestid: 1c5fbc89-8ce8-4792-b713-f2c0ceeab737
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wifFJYoAMFi0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7a9-214311e155c661ff77d89906;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wd9SF3txQNTVUaSPcKQ_nQfPt1pBjFbuHzSZiQjfbGBSb-i7J8Rgjg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:44:29 GMT
age: 80108
etag: "2768253dacaaad6cb498c6b2eb7694208b0ce0a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11380 bytes)
Hash
fc4ceb10dd9fcaab21ae58dcf10c401f
6ce530af682094dc5413db9de02565691fab4da7
84ad58e126cce2ab6b1568ffe89a116bc1de0310bb72d4530eead2fb8191572c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11380
x-amzn-requestid: 61f37e21-33a8-49e6-b384-4ca1fcfbffa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8TLFA3oAMFQjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117414-42de5c4128eb9e011d848356;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: s0voKdiDdj0mq8-VRFSWcYcQXaWti7929bpdKSQMWDoVCmOAPepuDg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 03:48:57 GMT
age: 58240
etag: "6ce530af682094dc5413db9de02565691fab4da7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c475e9b-fa82-4942-8a4a-d6d3f5061558.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10713 bytes)
Hash
8cdd0826b7d8be62cc2ed532e04e137b
383a0661fa09d9b48745b507389d0505303b6182
f2d04cf1ee9b5a885c246060c1036b21af4ecd3e51e5d05a529dbe0d63f7c2ac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c475e9b-fa82-4942-8a4a-d6d3f5061558.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10713
x-amzn-requestid: d546a12c-c549-4ad3-80ad-6bad452927d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5winGzHIAMFTPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7aa-2060c6611eb4abb777cc17a8;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rnd2mdQQcKzRP5RAJXmcJUSmO_AnlUgVrkT5tBR38PtfK_bThFBTtg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:47:53 GMT
age: 79904
etag: "383a0661fa09d9b48745b507389d0505303b6182"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14855 bytes)
Hash
ca50f9c56ff869b0b63ca71b1a9f8170
13b16ca74113dfd52ccf23e6bb39307fc713f984
76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14855
x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wjuGtpoAMFvvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: M9Y8U9vqVs1ATiPP9jLPybTJ-xwC--5oiRUpj9-imTWfh6_rmtL5Kw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:54:46 GMT
age: 79491
etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

speedtrkgood.com/?E=tUuTPs3iyuv1y5qf3QxhoKxavGm3qme8DbfaF54T%2fx8%3d&s1=43626_9814645_11&s2=6277_1052815104_0_0_0_4532986_69_2114_143302_9814645_10_1122&s3=69&ckmguid=542a1fc4-57e2-45fa-87c1-bafd204947ec

18.232.203.164

302 Found

301 B

URL HTTP/1.1
speedtrkgood.com/?E=tUuTPs3iyuv1y5qf3QxhoKxavGm3qme8DbfaF54T%2fx8%3d&s1=43626_9814645_11&s2=6277_1052815104_0_0_0_4532986_69_2114_143302_9814645_10_1122&s3=69&ckmguid=542a1fc4-57e2-45fa-87c1-bafd204947ec
IP
18.232.203.164:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
301 B (301 bytes)
Hash
c83229b3cfa8bd5bf97c66866c897a0b
c5c59a23cf334cdaa41209965bade8b949422de4
f3cccbc8f53b824ee4e51e39d88d9c8bfb5f31575ec8cf2d78af53ad5a9815e1

HTTP Headers

GET /?E=tUuTPs3iyuv1y5qf3QxhoKxavGm3qme8DbfaF54T%2fx8%3d&s1=43626_9814645_11&s2=6277_1052815104_0_0_0_4532986_69_2114_143302_9814645_10_1122&s3=69&ckmguid=542a1fc4-57e2-45fa-87c1-bafd204947ec HTTP/1.1
Host: speedtrkgood.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
date: Sun, 04 Sep 2022 19:59:38 GMT
content-type: text/html; charset=utf-8
content-length: 301
cache-control: private
location: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: sl=hoE8y57h1sXiZHEKt1pETR1EYQB2zJBmoUCeHdDpw26ox2pbZh5hJQ==; domain=.speedtrkgood.com; path=/; SameSite=None; secure; HttpOnly
tym=Zm4UmKo/M+/iZHEKt1pETR1EYQB2zJBmoUCeHdDpw26ox2pbZh5hJQ==; domain=.speedtrkgood.com; expires=Wed, 04-Sep-2024 19:59:37 GMT; path=/; SameSite=None; secure; HttpOnly
c31861=hoE8y57h1sV2DViyKatKTlFH5WRAN65i+rLEOCfbfzcKRABYnJg0QQ==; domain=.speedtrkgood.com; expires=Tue, 04-Oct-2022 19:59:37 GMT; path=/; SameSite=None; secure; HttpOnly

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
16483686fd8b50bd3df51aa2e7798456
825c10c52951d1c0220f78c4e8f42ac06728afea
adf78176ec3b41a21447cbd15ab0e1106fa1f10a08e61271e8a06199e6d8aa81

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:38 GMT
Server: ECS (dcb/7EED)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ePdj88e0k7IPgFPdi39j42mDYt2Z2BmdMIKGPf-2S8veIGdBtCNFtw==

www.lejeunelawsuits.com/1step/lpd01/img/ll-logo-3.png

143.204.55.110

200 OK

54 kB

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/img/ll-logo-3.png
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PNG image data, 2437 x 632, 8-bit/color RGBA, non-interlaced\012- data
Size
54 kB (54410 bytes)
Hash
a07d9731901abfcad39bd45aee1a2281
6486d12587d178f0f671510ce90897040a81da45
4325dd1f07be26159ae0de3260091bc1873689cd1c9201930469fb51d8a0a350

HTTP Headers

GET /1step/lpd01/img/ll-logo-3.png HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 54410
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
date: Sat, 03 Sep 2022 20:35:00 GMT
etag: "a07d9731901abfcad39bd45aee1a2281"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DTYmZFKs3aOjBWZHCDBBx24IUtPqoaiqa_XvE5jY_Sfn8yyeshrnuA==
age: 84279
X-Firefox-Spdy: h2

www.lejeunelawsuits.com/1step/lpd01/img/vidposter3.jpg

143.204.55.110

200 OK

31 kB

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/img/vidposter3.jpg
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1413x791, components 3\012- data
Size
31 kB (30854 bytes)
Hash
98222e016619095939d8bbf5a70658d7
a0d4cf1efdd473b1bb701e101a09ed7f0a5930ba
8146545ce8dc9e9fd19b5dfa3bc515e176a9254119ad0f73913bce9417c0e811

HTTP Headers

GET /1step/lpd01/img/vidposter3.jpg HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 30854
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
date: Sun, 04 Sep 2022 05:22:55 GMT
etag: "98222e016619095939d8bbf5a70658d7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KwSpNcJdvdEaHbQkf8y4hTTFooh8KHx2cUAKXMWCeDonlBGy664HHg==
age: 52604
X-Firefox-Spdy: h2

www.lejeunelawsuits.com/1step/lpd01/img/chevronclear.png

143.204.55.110

200 OK

8.2 kB

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/img/chevronclear.png
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PNG image data, 300 x 275, 8-bit/color RGBA, non-interlaced\012- data
Size
8.2 kB (8151 bytes)
Hash
98ef78c3ec49601701fe8869417157c6
9ae51b255f943f751104f7c83353beeeab9f513c
4429e2c227892ba131446b00b7484af8bc6d44be891ca976ddf3d14efed3eee8

HTTP Headers

GET /1step/lpd01/img/chevronclear.png HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 8151
date: Sun, 04 Sep 2022 01:39:56 GMT
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
etag: "98ef78c3ec49601701fe8869417157c6"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 42Dfr0YiTD_04KnB3-1n89oA9U8Yo_ksXZVogtVfJr7-wCc-F-jMBA==
age: 65983
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:59:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c575d86ec5d4686303232abc4f6c2b47
f542eecf59a48034ca84be42dc870d70403e6ea8
dac96b063492b55dc89bbca7740caeaed649a4da5363b10e49e45ef4c18e3490

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:38 GMT
Last-Modified: Sun, 04 Sep 2022 19:11:23 GMT
Server: ECS (dcb/7EC7)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fkJzKSG77pRGiuH8bMAxDyxa7CHxZM-Sy3sXME_eQ5f3NVYBxiI9zA==
Age: 2895

sdk.helixbi.io/helixlead.js

143.204.55.87

200 OK

5.4 kB

URL HTTP/2
sdk.helixbi.io/helixlead.js
IP
143.204.55.87:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
5.4 kB (5373 bytes)
Hash
b3c9eca5f6d38f65ee802bd80e43b981
8d4c85f85fd5642e0381e95d471cc2968298b4e6
bd1f220e6edc24a22f3c6609f8474884a64a83fcafe18e15eafac29040e15607

HTTP Headers

GET /helixlead.js HTTP/1.1
Host: sdk.helixbi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 5373
date: Sun, 04 Sep 2022 06:56:21 GMT
last-modified: Tue, 19 Jul 2022 17:39:06 GMT
etag: "b3c9eca5f6d38f65ee802bd80e43b981"
x-amz-version-id: N30faJXpS1esiDCJNgGAI2m9ItY5SWqw
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EyPvqVUe24Y8agtzag_SIOUvOQzxb_rf62aBibA3yno3sc9KNtejdw==
age: 46997
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;0,500;0,600;0,700;0,800;1,700&display=swap

142.250.74.10

200 OK

1.3 kB

URL HTTP/2
fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;0,500;0,600;0,700;0,800;1,700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.3 kB (1269 bytes)
Hash
31ab2330a1bd8ebc72b2828af12cf901
ceed9e66ffdde51613a7c978650cdef1971c2737
86df0e0be390e30b14da85623fa4412889f19ce4c96b787a98f63658692f827d

HTTP Headers

GET /css2?family=EB+Garamond:ital,wght@0,400;0,500;0,600;0,700;0,800;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Sep 2022 19:59:38 GMT
date: Sun, 04 Sep 2022 19:59:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c575d86ec5d4686303232abc4f6c2b47
f542eecf59a48034ca84be42dc870d70403e6ea8
dac96b063492b55dc89bbca7740caeaed649a4da5363b10e49e45ef4c18e3490

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:38 GMT
Server: ECS (dcb/7F82)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 583RkvRUj5EShh560x97rWtf-KZZOc4kbwti_ylOL_xlcLxCxobiBw==

sdk.helixbi.io/bltable.js

143.204.55.87

200 OK

65 kB

URL HTTP/2
sdk.helixbi.io/bltable.js
IP
143.204.55.87:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65219), with CRLF line terminators
Size
65 kB (65289 bytes)
Hash
4ef0931a84745050dc9ce973340911cc
b376fe14717e56bc349d9bb63afa8f7311515feb
c0b4fc6bd9029a4baa5d66b216c5d4d06c2bff0d1d56f4403e431656211006a3

HTTP Headers

GET /bltable.js HTTP/1.1
Host: sdk.helixbi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 65289
last-modified: Fri, 02 Sep 2022 16:13:07 GMT
x-amz-version-id: tKERDOjv0Dg8wpKZCySqT3hCkGQm2H1Z
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Sep 2022 16:20:44 GMT
etag: "4ef0931a84745050dc9ce973340911cc"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nOqF84LfXMqIZFuW_EMbakKDDIwyvzj2Rle0pD9ie7CJ-lKX3_1k6A==
age: 13135
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c575d86ec5d4686303232abc4f6c2b47
f542eecf59a48034ca84be42dc870d70403e6ea8
dac96b063492b55dc89bbca7740caeaed649a4da5363b10e49e45ef4c18e3490

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:38 GMT
Server: ECS (dcb/7F38)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LeeYFclfACNrzHb42yTG0O6pT0h0CSv-SZUufQy6A0aPzRg0xlOWaw==

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cc6ea3e01d1d6b8c4b28ff64d3b795a7
017457c6f5a63157102485a956c667aad36d33ef
e6fe903f67363d3e92b929e274f0de7c2f6a15b6df1806198199440ed0fe221e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:59:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sdk.helixbi.io/cd.js?ct_a=100776&ct_u=5560324DE9F28F1F7724FCE536762D5D

143.204.55.87

200 OK

16 kB

URL HTTP/2
sdk.helixbi.io/cd.js?ct_a=100776&ct_u=5560324DE9F28F1F7724FCE536762D5D
IP
143.204.55.87:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (16072), with no line terminators
Size
16 kB (16072 bytes)
Hash
fc0b3a91ad17eca1f1af0dea86fbb192
224e357efcb29d52ed1423101be1223f1080215c
ff256f499b91c4ad86b6e387d8ef7f8917bb2c9b9387bbc01eae5ff14e1d14e1

HTTP Headers

GET /cd.js?ct_a=100776&ct_u=5560324DE9F28F1F7724FCE536762D5D HTTP/1.1
Host: sdk.helixbi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 16072
last-modified: Wed, 22 Jul 2020 22:46:04 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Sep 2022 22:54:09 GMT
etag: "fc0b3a91ad17eca1f1af0dea86fbb192"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hEQfgvAnB33PtRh_oUJB-zE6YIYkkVai9egvbfjej-JzBg2i_YTO1A==
age: 75930
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-T2CBVN9

142.250.74.72

200 OK

38 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-T2CBVN9
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1615)
Size
38 kB (38360 bytes)
Hash
9cb2c63eb92b61e93f101e90cfdc880c
1985f7d939238adfea5f0bfe3d804f721eeacd84
b46cca61f95aa18cdf5599ae2111b1cd2a177e20ac1e5505c3ac4bbe53d3bdfb

HTTP Headers

GET /gtm.js?id=GTM-T2CBVN9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Sep 2022 19:59:38 GMT
expires: Sun, 04 Sep 2022 19:59:38 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38360
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.lejeunelawsuits.com/1step/lpd01/img/marinehead.jpg

143.204.55.110

200 OK

93 kB

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/img/marinehead.jpg
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1333, components 3\012- data
Size
93 kB (93109 bytes)
Hash
918e00b0c52fafa6dc5ef912d1244768
2b07b36814aba689eb31a93f053c756ca68dc845
433f80fcc3688c5fa7273bed5735675e3b4868d3a8d8f21175dbb0502ed6e5a6

HTTP Headers

GET /1step/lpd01/img/marinehead.jpg HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 93109
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
date: Sat, 03 Sep 2022 20:35:01 GMT
etag: "918e00b0c52fafa6dc5ef912d1244768"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0gbJgtMRyt1zYOc_HGjBoX__cXN0UUpyc1Ey3-jGVDuDpU9gmCj-yQ==
age: 84278
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cc6ea3e01d1d6b8c4b28ff64d3b795a7
017457c6f5a63157102485a956c667aad36d33ef
e6fe903f67363d3e92b929e274f0de7c2f6a15b6df1806198199440ed0fe221e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:59:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.lejeunelawsuits.com/1step/lpd01/main.css

143.204.55.110

200 OK

4.8 kB

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/main.css
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (393)
Size
4.8 kB (4777 bytes)
Hash
559d76d27cdd93a65ce8fc28a4de7a33
851f652cc21469af64534a440938dc1b5d3b5c41
b1074c806ee740cc95b6d5d7c07d3f3e88d7af4f3ed9916c9c5e1d137b03039e

HTTP Headers

GET /1step/lpd01/main.css HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
content-encoding: br
date: Sun, 04 Sep 2022 02:42:55 GMT
etag: W/"e784b0241ecfc41dccc5113101ad98ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rV3xvH86NdlicLwzAVvLU-9N3PRVNqqvJWc0mLWRKVxog9bigQjNDg==
age: 62204
X-Firefox-Spdy: h2

www.lejeunelawsuits.com/1step/lpd01/bundle.js

143.204.55.110

200 OK

34 kB

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/bundle.js
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
34 kB (33718 bytes)
Hash
de550ba470f4101a780352bea90974c3
dfec5ebeba1cd164da7582f78268e5203a3f63ee
520e5c8fa62d9ea210d1e1619dfccba5fd12323482809021f53be78ee760da33

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /1step/lpd01/bundle.js HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Sun, 04 Sep 2022 00:40:50 GMT
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
etag: W/"38f8ebe118f41d522df14744389155a6"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u_GYjAwynJxJhTOPCJO--gwYMjcA2jyfMxrpVWlEDMfzvEAvf9wqGw==
age: 69529
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
98125354dbaa891018a9429a7aae3ea1
a692cc9a073c9666971db41444342fc9d7dab2e2
771b96e4fb485d1ef041ee20fc060bb5b4b521043ec7a51ceaccefcbe837bd4f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/ebgaramond/v26/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2

142.250.74.163

200 OK

40 kB

URL HTTP/2
fonts.gstatic.com/s/ebgaramond/v26/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 40144, version 1.0\012- data
Size
40 kB (40144 bytes)
Hash
0116041b31726cea3144332b673919e8
c6f0008edefdcf305498582fa145917b7ce420c2
306b0d4768246ba448fa14872f6b5d7dcfcf3734fb3c9b68f9041cf86884c6ce

HTTP Headers

GET /s/ebgaramond/v26/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.lejeunelawsuits.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 01:53:48 GMT
expires: Sun, 03 Sep 2023 01:53:48 GMT
cache-control: public, max-age=31536000
age: 151551
last-modified: Mon, 11 Jul 2022 19:16:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.lejeunelawsuits.com/1step/lpd01/img/check.png

143.204.55.110

200 OK

1.9 kB

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/img/check.png
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PNG image data, 591 x 455, 8-bit colormap, non-interlaced\012- data
Size
1.9 kB (1876 bytes)
Hash
4f688e32e01aa6501fbb46c0e560a4db
76b9f852af73965584da2a7585c0f02690deb590
b29af146b7c0f76320090c4de3f8488ea74be090128a3f84ea98d18874e27a28

HTTP Headers

GET /1step/lpd01/img/check.png HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
Cookie: 100776_ps=o2~|#d/u#!#2773432686376#-#w/j#!#45JEG:HJ46.2I1B.63J4#-#w/dg#!#2773432686384#-#w/td#!#2#-#w/d#!#2#-#w/gm#!#2773432686384#-#t/t#!#2773432686384#-#w/gt#!#2773432686384#-#w/dm#!#2773432686384#~; 100776_hxc=o2~|#8596#!|#i/dn/je#!#8596#-#i/dn/gs#!#2773432686384#-#i/dn/sd#!#2#-#i/dn/ut#!#2773432686384#-#i/dn/mq#!#iuuqt&4B00xxx/mfkfvofmbxtvjut/dpn02tufq0mqe120#-#i/dn/b2#!#53735#-#i/dn/b3#!#54737`:925756`22#-#i/dn/b4#!#483777:42#~~; 100776_ss=o2~|#t/td#!#2#~; 100776_cs=o2~|#qh#!|~-#dnq#!|~~; _gcl_au=1.1.308592511.1662321575
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1876
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
date: Sat, 03 Sep 2022 20:46:00 GMT
etag: "4f688e32e01aa6501fbb46c0e560a4db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HoZ-zXjkrYjE2SlU5a5NW3tH1mAMZteMnsNbUejmAYsItWmZ-pndSg==
age: 83620
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0bf26d91cd34509d5fedb2bc94062353
f7a067498300eaa6e8b9ae4f3bc65f0e112f9056
7a3ddb479a093d513f8a2609052cbdd08c71e1d059f4a3e82d7f8c9a7d139091

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:39 GMT
Last-Modified: Sun, 04 Sep 2022 19:49:49 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PDD83DW4qEjhBEvKGsmZs5SO838wSGkokkZacCiCl9g3BpArxjNJyw==
Age: 590

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9d1b1f8863738d685244d8ff50edd446
c540a5855693f94781e7bcf67956a981f4e6e0f6
9a2668eab09ca5a2e653ebf87ecb978c131e8a263adc7d3685c30311063ba5da

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:39 GMT
Last-Modified: Sun, 04 Sep 2022 18:41:25 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hglFCJcUQOGhBMUKe8J2eGfJB1Gg--Evznq1sUK82ykTzhEu2DgOAQ==
Age: 4694

api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16623215752960.7153858279265293

3.230.219.164

301 Moved Permanently

134 B

URL HTTP/2
api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16623215752960.7153858279265293
IP
3.230.219.164:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16623215752960.7153858279265293 HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Sun, 04 Sep 2022 19:59:39 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16623215752960.7153858279265293
X-Firefox-Spdy: h2

www.lejeunelawsuits.com/1step/lpd01/img/CLVfav.png

143.204.55.110

200 OK

8.8 kB

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/img/CLVfav.png
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
8.8 kB (8792 bytes)
Hash
dabbdaedee96b2fd6043a33a4643f41a
9f2f5ee45b59b3539395f7968cf34d4451278c0f
a2ccf5a32d6e940fd1fab511cac99228d05563386ca4c49c442ef9a3d76e081c

HTTP Headers

GET /1step/lpd01/img/CLVfav.png HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
Cookie: 100776_ps=o2~|#d/u#!#2773432686376#-#w/j#!#45JEG:HJ46.2I1B.63J4#-#w/dg#!#2773432686384#-#w/td#!#2#-#w/d#!#2#-#w/gm#!#2773432686384#-#t/t#!#2773432686384#-#w/gt#!#2773432686384#-#w/dm#!#2773432686384#~; 100776_hxc=o2~|#8596#!|#i/dn/je#!#8596#-#i/dn/gs#!#2773432686384#-#i/dn/sd#!#2#-#i/dn/ut#!#2773432686384#-#i/dn/mq#!#iuuqt&4B00xxx/mfkfvofmbxtvjut/dpn02tufq0mqe120#-#i/dn/b2#!#53735#-#i/dn/b3#!#54737`:925756`22#-#i/dn/b4#!#483777:42#~~; 100776_ss=o2~|#t/td#!#2#~; 100776_cs=o2~|#qh#!|~-#dnq#!|~~; _gcl_au=1.1.308592511.1662321575; _ga_FPS8WV0V59=GS1.1.1662321575.1.0.1662321575.0.0.0; _ga=GA1.1.809370099.1662321576
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 8792
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
date: Sat, 03 Sep 2022 20:15:46 GMT
etag: "dabbdaedee96b2fd6043a33a4643f41a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XwVcqfX23kjF_6Hi3oCaU_XsDIWfJvYOVeEi0kTVt6mK11-KUf-kFQ==
age: 85434
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
2503c1a369b7c49bfa130d30982cef0b
10b78b9ea451514529903f9dc8afa14e2faa269e
e44ef17d03ceb3e9c6be565d5c2103d59127203b62516ca4849c32c546aa7577

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:39 GMT
Last-Modified: Sun, 04 Sep 2022 18:22:24 GMT
Server: ECS (dcb/7EA7)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CVvFXoejvvjH6_gdRFxOU6qmCzr-3V8QzAUKR1O2G8SZd6dk6g_R4Q==
Age: 5835

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6064def67bc55b45ac299ddc4d22f62c
4ef4f36a1441a330994b65481ba96815fa75e5fd
b33cdf2a57a02a085e6344d9a2370b550108d75b1c55130d662243be00e5b47e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:39 GMT
Last-Modified: Sun, 04 Sep 2022 18:54:40 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PZgxbFDostWmx6MUmqnxl_WpOxDw4Ll2gG9M_-HEBCnt1o34H4cCZw==
Age: 3900

gw.helixbi.io/gw?g.t=1662321575273&g.r=i&g.d=100776&g.u=5560324DE9F28F1F7724FCE536762D5D&dv.gv=0.1.0&g.x=34IDF9GI35-1H0A-52I3&g.i=1.1.0-JSW&v.i=34IDF9GI35-1H0A-52I3&g.a=pv&p.t=Lejuene%20Lawsuits&s.sr=1280x1024&p.sc=1&s.sc=1&v.sc=1&v.c=1&v.fl=1662321575273&s.s=1662321575273&v.fs=1662321575273&h.cm.id=7485&h.cm.lp=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F&h.cm.a1=42624&h.cm.a2=43626_9814645_11&h.cm.a3=372666931&h.cm.fr=1662321575273&h.cm.rc=1&h.cm.ts=1662321575273&h.et=campaigns

44.241.18.46

200 OK

43 B

URL HTTP/2
gw.helixbi.io/gw?g.t=1662321575273&g.r=i&g.d=100776&g.u=5560324DE9F28F1F7724FCE536762D5D&dv.gv=0.1.0&g.x=34IDF9GI35-1H0A-52I3&g.i=1.1.0-JSW&v.i=34IDF9GI35-1H0A-52I3&g.a=pv&p.t=Lejuene%20Lawsuits&s.sr=1280x1024&p.sc=1&s.sc=1&v.sc=1&v.c=1&v.fl=1662321575273&s.s=1662321575273&v.fs=1662321575273&h.cm.id=7485&h.cm.lp=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F&h.cm.a1=42624&h.cm.a2=43626_9814645_11&h.cm.a3=372666931&h.cm.fr=1662321575273&h.cm.rc=1&h.cm.ts=1662321575273&h.et=campaigns
IP
44.241.18.46:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

HTTP Headers

GET /gw?g.t=1662321575273&g.r=i&g.d=100776&g.u=5560324DE9F28F1F7724FCE536762D5D&dv.gv=0.1.0&g.x=34IDF9GI35-1H0A-52I3&g.i=1.1.0-JSW&v.i=34IDF9GI35-1H0A-52I3&g.a=pv&p.t=Lejuene%20Lawsuits&s.sr=1280x1024&p.sc=1&s.sc=1&v.sc=1&v.c=1&v.fl=1662321575273&s.s=1662321575273&v.fs=1662321575273&h.cm.id=7485&h.cm.lp=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F&h.cm.a1=42624&h.cm.a2=43626_9814645_11&h.cm.a3=372666931&h.cm.fr=1662321575273&h.cm.rc=1&h.cm.ts=1662321575273&h.et=campaigns HTTP/1.1
Host: gw.helixbi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Sep 2022 19:59:39 GMT
content-type: image/gif
content-length: 43
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Jetty(9.4.2.v20170220)
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-FPS8WV0V59&gtm=2oe8v0&_p=1745441833&cid=809370099.1662321576&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662321575&sct=1&seg=0&dl=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F%3Fhxc_id%3D7485%26hxc_a1%3D42624%26hxc_a2%3D43626_9814645_11%26hxc_a3%3D372666931%26utm_source%3Ddta%26utm_medium%3Demail%26utm_content%3D20178&dt=Lejuene%20Lawsuits&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-FPS8WV0V59&gtm=2oe8v0&_p=1745441833&cid=809370099.1662321576&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662321575&sct=1&seg=0&dl=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F%3Fhxc_id%3D7485%26hxc_a1%3D42624%26hxc_a2%3D43626_9814645_11%26hxc_a3%3D372666931%26utm_source%3Ddta%26utm_medium%3Demail%26utm_content%3D20178&dt=Lejuene%20Lawsuits&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-FPS8WV0V59&gtm=2oe8v0&_p=1745441833&cid=809370099.1662321576&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662321575&sct=1&seg=0&dl=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F%3Fhxc_id%3D7485%26hxc_a1%3D42624%26hxc_a2%3D43626_9814645_11%26hxc_a3%3D372666931%26utm_source%3Ddta%26utm_medium%3Demail%26utm_content%3D20178&dt=Lejuene%20Lawsuits&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lejeunelawsuits.com
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.lejeunelawsuits.com
date: Sun, 04 Sep 2022 19:59:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

api.trustedform.com/certs

3.230.219.164

201 Created

475 B

URL HTTP/2
api.trustedform.com/certs
IP
3.230.219.164:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Size
475 B (475 bytes)
Hash
bd1636e0454173d9d0b04a89bc5a5ca7
f4cade43ed99408047144ae58df9778f67eb769b
3a98a598f03eb7543904d78b2c52b58a8c5f554c210bc7611dc2ac41e75462be

HTTP Headers

POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 706
Origin: https://www.lejeunelawsuits.com
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 201 Created
date: Sun, 04 Sep 2022 19:59:40 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

api.trustedform.com/certs/a5897a91ffb48206e1c91a25ea2bfa555b00673a/snapshot

3.230.219.164

204 No Content

0 B

URL HTTP/2
api.trustedform.com/certs/a5897a91ffb48206e1c91a25ea2bfa555b00673a/snapshot
IP
3.230.219.164:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /certs/a5897a91ffb48206e1c91a25ea2bfa555b00673a/snapshot HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 7899
Origin: https://www.lejeunelawsuits.com
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sun, 04 Sep 2022 19:59:40 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178

143.204.55.110

200 OK

0 B

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178 HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
date: Sun, 04 Sep 2022 01:34:14 GMT
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
etag: W/"8bfc5d5f2a6a37764b2bb97bc5b3162d"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZxhI-lt4FM0LaXMnTB7rxxdmL9K19Z0MPBzqmz2gHkzQgkSIwhBEMw==
age: 66325
X-Firefox-Spdy: h2

s3.us-west-2.amazonaws.com/converge.cdn/media/InvisibleMonster.mp4

52.218.236.16

206 Partial Content

0 B

URL HTTP/1.1
s3.us-west-2.amazonaws.com/converge.cdn/media/InvisibleMonster.mp4
IP
52.218.236.16:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /converge.cdn/media/InvisibleMonster.mp4 HTTP/1.1
Host: s3.us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 206 Partial Content
x-amz-id-2: wC6jTUpDJ4gZIpPPY9ogHPc87qyr5Uys8hYGrMppkO9RnDOD2jY6yXNM0eob51AwgtXNIj5VIo4=
x-amz-request-id: 0TBZDMBMPXN9AYYZ
Date: Sun, 04 Sep 2022 19:59:40 GMT
Last-Modified: Thu, 16 Jun 2022 18:40:47 GMT
ETag: "9214711136be7244be79394698156916"
x-amz-version-id: XBNOMZpSkrUNcrzaV0y8si0aJBv.kmEF
Accept-Ranges: bytes
Content-Range: bytes 0-12107025/12107026
Content-Type: video/mp4
Server: AmazonS3
Content-Length: 12107026

cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16623215752960.7153858279265293

54.230.111.111

200 OK

0 B

URL HTTP/2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16623215752960.7153858279265293
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16623215752960.7153858279265293 HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lejeunelawsuits.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Sun, 04 Sep 2022 19:59:40 GMT
last-modified: Tue, 16 Aug 2022 18:53:06 GMT
x-amz-version-id: 9tpprjSXF1V1i663qaS1L8y.yb5CQ2dA
etag: W/"97d91c9803cec4e7981c0f415c2c1923"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7O12IzanK8LVJbVhP2RgJxy1kKkKyqkWZ8nfxi1BuXzem3D6F3Z9UQ==
X-Firefox-Spdy: h2

cdn.trustedform.com/trustedform-1.8.27.js

54.230.111.111

200 OK

0 B

URL HTTP/2
cdn.trustedform.com/trustedform-1.8.27.js
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /trustedform-1.8.27.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 16 Aug 2022 18:53:06 GMT
x-amz-version-id: 6olc5v40B1RpRJGb5GYISB93fSUp4tqK
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Sep 2022 19:59:40 GMT
etag: W/"2f557edcc84fd346c897a4d565e57ac0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vo7F8kzuzkmfYgUwnPO7s8PHiwfnf0dfuPMEB0PfxikoAV0rYQvLPw==
age: 4
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations