Overview

URLinfo.lhh.com/e/591171/tain-your-best-talent-download/5qbcss/998413472?h=EJPvVSyx0ROwj7Xf0o76JCg1GU2EW4gWj6sjNAW_tiA
IP 34.237.219.119 (United States)
ASN#14618 AMAZON-AES
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-28 16:15:11 UTC
StatusLoading report..
IDS alerts0
Blocklist alert0
urlquery alerts No alerts detected
Tags None

Domain Summary (9)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-28 05:46:10 UTC 34.117.237.239
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.215.107.141
info.lhh.com (2) 0 2019-03-13 01:25:04 UTC 2020-03-14 19:32:16 UTC 3.215.172.219 Domain (lhh.com) ranked at: 477444
storage.pardot.com (1) 10646 2019-01-20 16:51:53 UTC 2020-05-04 08:41:57 UTC 54.230.111.74
r3.o.lencr.org (7) 344 No data No data 23.36.76.226
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-28 05:55:58 UTC 34.102.187.140

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

URL storage.pardot.com/591171/1666709916GeA8qabC/CIAB_GWoF_Mobility_Paper.pdf
IP  54.230.111.74
Magic PDF document, version 1.7, 0 pages\012- data
Size 9741861
MD5 32af2e6795d926d0426d3ac7587bba30
SHA1 4b7200054907006e7b7de4d36ff74132bdcc1246
SHA256 059e2c458417db76b8641955c3e8d049effb52bcbe98fea26dd1cba979bbbda1
Analyzer Analysed Verdict Comment
VirusTotal 2022-11-28 16:15:31 0/63  VirusTotal Report

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.237.219.119
Date UQ / IDS / BL URL IP
2023-02-02 13:42:53 +0000 0 - 2 - 0 info.r3.com/e/413292/corda/2388mw8/2154247354 (...) 34.237.219.119
2023-01-30 13:18:58 +0000 0 - 0 - 1 info.eseye.com/e/794183/nch-utm-content-prosp (...) 34.237.219.119
2023-01-24 12:27:12 +0000 0 - 0 - 0 www1.spauldingridge.com 34.237.219.119
2023-01-19 02:48:02 +0000 0 - 1 - 0 go.bevi.co/e/891143/with-bevi-smart-water-coo (...) 34.237.219.119
2023-01-18 18:10:12 +0000 0 - 7 - 0 go.symphonyazimaai.com/e/578521/company-38307 (...) 34.237.219.119


Last 5 reports on ASN: AMAZON-AES
Date UQ / IDS / BL URL IP
2023-02-05 14:35:35 +0000 0 - 0 - 4 sberbank.avito.avito.sberbank.sber.avito.avit (...) 3.89.181.9
2023-02-05 14:35:34 +0000 0 - 0 - 4 blablacar.avito.avito.sberbank.sber.avito.avi (...) 3.89.181.9
2023-02-05 14:22:32 +0000 0 - 1 - 0 on.theatln.tc/cYpxMit 35.153.229.68
2023-02-05 14:22:10 +0000 0 - 1 - 0 on.theatln.tc/d3XdHcY 3.214.103.137
2023-02-05 13:59:36 +0000 6 - 2 - 13 www.ak3.duckdns.org/securityQ.html 34.231.100.193


Last 5 reports on domain: lhh.com
Date UQ / IDS / BL URL IP
2022-12-09 15:56:42 +0000 0 - 0 - 0 info.lhh.com/r/591171/1/1010738330/open/1 34.237.219.119
2022-12-09 15:55:06 +0000 0 - 0 - 0 info.lhh.com/unsubscribeConfirm/591171/c29616 (...) 34.237.219.119
2022-12-09 15:54:21 +0000 0 - 0 - 0 info.lhh.com/e/591171/points-trap/5qrt2p/1010 (...) 34.237.219.119
2022-12-09 15:53:26 +0000 0 - 0 - 0 info.lhh.com/l/591171/2022-10-25/5q5tvs/59117 (...) 52.54.96.194
2022-12-09 15:50:54 +0000 0 - 0 - 0 info.lhh.com/e/591171/2022-11-11/5sm1l9/10107 (...) 34.237.219.119


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-10-26 14:58:14 +0000 0 - 0 - 5 curatedtechreportsreviews.com/16322-113114/66 (...) 52.21.249.213
2022-10-08 18:46:36 +0000 0 - 0 - 7 curationtechnologycontentpub.com/16528-114865 (...) 52.21.249.213
2022-09-06 18:13:01 +0000 0 - 0 - 12 itcproreporting.com/16476-114376/62947?uid=21 (...) 52.0.69.252
2023-01-12 14:51:23 +0000 0 - 0 - 7 mailmitteittech.com/api/tracking/bclick?email (...) 3.19.145.200
2022-12-10 04:25:20 +0000 0 - 0 - 18 proitcpublishing.com/element-io-12629-84147/4 (...) 3.219.196.19

JavaScript

Executed Scripts (2)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (23)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3548
Expires: Mon, 28 Nov 2022 17:14:08 GMT
Date: Mon, 28 Nov 2022 16:15:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12337
Expires: Mon, 28 Nov 2022 19:40:37 GMT
Date: Mon, 28 Nov 2022 16:15:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8C16F9F19D31137F674F34766131CD9F0B0F2C410F1B5803D73BA96604DF4876"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5236
Expires: Mon, 28 Nov 2022 17:42:16 GMT
Date: Mon, 28 Nov 2022 16:15:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4250
Cache-Control: 'max-age=158059'
Date: Mon, 28 Nov 2022 16:15:00 GMT
Last-Modified: Mon, 28 Nov 2022 15:04:10 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 163SXTS2aGantm1hobyj5Z0i9C9onfOZmebA5djjPZaYsHL1T+D2fdcckSrZHqXJ3V0jNoBLeNM=
x-amz-request-id: 82VPK256A9YTJC3A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 15:42:07 GMT
age: 1973
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 15:19:32 GMT
cache-control: public,max-age=3600
age: 3328
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    567df7db606cf5d0871aa5bc9311b6da
Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17
Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 28 Nov 2022 16:15:00 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 16:08:55 GMT
cache-control: public,max-age=3600
age: 365
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3178
Cache-Control: max-age=150293
Date: Mon, 28 Nov 2022 16:15:00 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 09:59:53 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +ViyCuuhsxdwYzaS2FhwYQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.215.107.141
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QfTmSb2pAViI2xnrEPYdXVm6InI=

                                        
                                            GET /e/591171/tain-your-best-talent-download/5qbcss/998413472?h=EJPvVSyx0ROwj7Xf0o76JCg1GU2EW4gWj6sjNAW_tiA HTTP/1.1 
Host: info.lhh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         3.215.172.219
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 28 Nov 2022 16:15:01 GMT
Content-Length: 141
Connection: keep-alive
location: https://info.lhh.com/GBL/CTM-strategies-to-retain-your-best-talent-download
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
set-cookie: pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 visitor_id591171=472562567; expires=Thu, 25-Nov-2032 16:15:00 GMT; Max-Age=315359999; path=/; secure; SameSite=None visitor_id591171-hash=5fb814df35cf6a62afdf2f37ac0cd8510a580b2982fc4cc5881cfb7c3439d02a894b8cd96174261d970bc398aa09964c963c0cea; expires=Thu, 25-Nov-2032 16:15:00 GMT; Max-Age=315359999; path=/; secure; SameSite=None
cache-control: max-age=63072000
expires: Wed, 27 Nov 2024 16:15:00 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Server: PardotServer
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with no line terminators
Size:   141
Md5:    42de829fb81f496349e452a027e42bb3
Sha1:   4b569ebbbaf24e1d1f5e287e2b4c99de54df07c1
Sha256: d696b58ae3c38e986a8c325bbec92ee60470c8c9172604b46e50fd9ff112d499
                                        
                                            GET /GBL/CTM-strategies-to-retain-your-best-talent-download HTTP/1.1 
Host: info.lhh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: visitor_id591171=472562567; visitor_id591171-hash=5fb814df35cf6a62afdf2f37ac0cd8510a580b2982fc4cc5881cfb7c3439d02a894b8cd96174261d970bc398aa09964c963c0cea
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         3.215.172.219
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 28 Nov 2022 16:15:02 GMT
Content-Length: 155
Connection: keep-alive
location: https://storage.pardot.com/591171/1666709916GeA8qabC/CIAB_GWoF_Mobility_Paper.pdf
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
x-robots-tag: none
cache-control: no-store
expires: Mon, 28 Nov 2022 16:05:02 GMT
set-cookie: pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 visitor_id591171=472562567; expires=Thu, 25-Nov-2032 16:15:01 GMT; Max-Age=315359999; path=/; secure; SameSite=None visitor_id591171-hash=5fb814df35cf6a62afdf2f37ac0cd8510a580b2982fc4cc5881cfb7c3439d02a894b8cd96174261d970bc398aa09964c963c0cea; expires=Thu, 25-Nov-2032 16:15:01 GMT; Max-Age=315359999; path=/; secure; SameSite=None
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Server: PardotServer
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with no line terminators
Size:   155
Md5:    092ee960ebb2f5636fa95d51b9f80ee9
Sha1:   63e77c0cfeca31e49554b35b14b6883dd5988b45
Sha256: c27e7ad9dc3157224e2256586169d164210bcd2e0cb693e54a5b679f66e49ee7
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8346
Expires: Mon, 28 Nov 2022 18:34:08 GMT
Date: Mon, 28 Nov 2022 16:15:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8346
Expires: Mon, 28 Nov 2022 18:34:08 GMT
Date: Mon, 28 Nov 2022 16:15:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8346
Expires: Mon, 28 Nov 2022 18:34:08 GMT
Date: Mon, 28 Nov 2022 16:15:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8346
Expires: Mon, 28 Nov 2022 18:34:08 GMT
Date: Mon, 28 Nov 2022 16:15:02 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8387
x-amzn-requestid: e4ce369f-7654-4c1a-94c2-70c913eb1a01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFL0tEcqIAMFXHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec01d-37bd969f4cdfe220096b8c1f;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:51:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: __2hrJIdzCKzhuJ_YfbSSfz-WwyIqnPugk7P6SuYSjn6b2wwm0otCw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 20:58:19 GMT
age: 69403
etag: "c32a57038d3cdbc514c9081c9938eca6a04fb481"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8387
Md5:    4e97baa4851785eac92c719abf481c64
Sha1:   c32a57038d3cdbc514c9081c9938eca6a04fb481
Sha256: adb59e982648082e5421f58899a5331b2747e9d45be33c495fbe3ab8cc872b22
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78e81d9-dbc4-4911-9711-219f64026531.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10944
x-amzn-requestid: 8f48c27c-bbec-46f5-9c08-1cc804b9aff7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIbJ_FyvIAMFhrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63800bd9-2ffa8521241a5e5b0afc0935;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 00:27:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4YiBUU3kS0VrcVOwKXUHgIRygLLeXGp1TjBYDi6WwWWm6WMKktzfHg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:36:32 GMT
age: 63510
etag: "a23fd98701ac35cd8740d1f7a832118c770e20c8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10944
Md5:    5e586c141835f4ac8819c55dcb811b4d
Sha1:   a23fd98701ac35cd8740d1f7a832118c770e20c8
Sha256: 4296f391f755a649897a2211f9072c69a0510e43a313674908bb0a771b12650e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I6egDH0h7D08HhaoQHQ0vgghBhPfje2lGIbnWD-t7p4txzHsFxmZfg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 16:15:23 GMT
age: 86379
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8817
Md5:    741ddfb19764ac9a77509e7e87cfbfb2
Sha1:   308c08784ce4a0757cbd112807555b83e17a1d56
Sha256: e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 65626
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9430
Md5:    1f434933b5bd6377d299ada22d1ae7ef
Sha1:   075531f525e625b117b2497f31139c9824d0e9c5
Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:43 GMT
age: 66199
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10199
Md5:    2cd887044e91d7ed0f1a8d7119ff7dd0
Sha1:   ae8aa4ce6ddaccba771fe65446926b60fc5628da
Sha256: bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 65616
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6376
Md5:    78b1389f425425d0450c94d900404dc4
Sha1:   53b12a8702f7c5b7cc697e2a24da824d9434be65
Sha256: 0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
                                        
                                            GET /591171/1666709916GeA8qabC/CIAB_GWoF_Mobility_Paper.pdf HTTP/1.1 
Host: storage.pardot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         54.230.111.74
HTTP/2 200 OK
content-type: application/octet-stream
                                        
content-length: 9741861
date: Mon, 28 Nov 2022 16:15:03 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 25 Oct 2022 14:58:37 GMT
etag: "32af2e6795d926d0426d3ac7587bba30"
x-robots-tag: none
content-disposition: attachment
x-amz-version-id: n_YMk8UWydZWvb67Cvi90bJcYfALEtxc
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 53tQpz-FgZsnZ_xiijlYbzYnykANQhGmWa7KpV_Yt3c3FH23R7DImw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PDF document, version 1.7, 0 pages\012- data
Size:   9741861
Md5:    32af2e6795d926d0426d3ac7587bba30
Sha1:   4b7200054907006e7b7de4d36ff74132bdcc1246
Sha256: 059e2c458417db76b8641955c3e8d049effb52bcbe98fea26dd1cba979bbbda1

Alerts:
  File Analyzers:
    - virustotal: 0/63