Report - learn.uwaterloo.ca/

Report Overview

Submitted URL
learn.uwaterloo.ca/
IP
35.182.159.118
ASN
#16509 AMAZON-02
Submitted
2022-09-01 22:35:34
Access
public
Website Title
Final URL
Tags
None
urlquery detections
Phishing website detected

Detections

urlquery
5
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-17T05:09:02Z	1.6 kB	4.4 kB	23.36.77.32
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-17T08:37:51Z	329 B	737 B	93.184.220.29
2fa-gw.uwaterloo.ca	unknown	2020-01-21T11:48:13Z	2023-02-12T11:51:44Z	894 B	3.1 kB	129.97.208.56
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-17T05:09:51Z	347 B	1.9 kB	104.18.21.226
adfs.uwaterloo.ca	unknown	2017-05-04T17:17:03Z	2023-02-15T20:18:05Z	4.8 kB	313 kB	129.97.208.14
learn.uwaterloo.ca	unknown	2014-02-16T00:44:38Z	2023-02-22T17:37:51Z	1.9 kB	4.1 kB	35.182.159.118
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-17T05:09:04Z	758 B	2.7 kB	143.204.55.115
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-17T05:10:36Z	401 B	5.8 kB	143.204.55.25
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-17T05:10:35Z	321 B	229 B	34.117.237.239
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	338 B	865 B	143.204.42.158
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-17T05:10:36Z	594 B	127 B	52.39.57.61
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-17T05:09:15Z	3.2 kB	57 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D	329 B	2023-03-07	2024-04-25
Pretty URL adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D IP 129.97.208.14 ASN #12093 UWATERLOO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:03 Last Seen2024-04-25 18:48:04 Times Seen925 Hash 097a19f95cd08ecbbc661052b26f0b8a 377a038d746b67f20117196b67c4790250a1d86e 88b0507affd47707dd2caad2efb8829a6db41697e4f98674f0870227d43a1dc3 Loading...

	adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D	4.5 kB	2023-03-07	2024-04-25
Pretty URL adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D IP 129.97.208.14 ASN #12093 UWATERLOO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:03 Last Seen2024-04-25 18:48:04 Times Seen889 Hash eadb1c57f47e53a98b694a385f79f620 e91698d36f629f7a08ce11962a6e32306239e942 7e76f95325cbc84d2b81876f84c0f296f149c093c28694f28dfe94ad95b57593 Loading...

	adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D	74 B	2023-03-07	2024-04-25
Pretty URL adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D IP 129.97.208.14 ASN #12093 UWATERLOO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:03 Last Seen2024-04-25 02:01:47 Times Seen1181 Hash f45acdd570674b3cbfb341f472b50b79 54234db194e495f33df75c256c355be3ea927885 a0609519e75507a912342dfccd41b2775f8065ffa3a93662b7cec09e963dd824 Loading...

	adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D	279 B	2023-03-07	2024-04-23
Pretty URL adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D IP 129.97.208.14 ASN #12093 UWATERLOO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:03 Last Seen2024-04-23 15:42:04 Times Seen561 Hash f72c5c2c97ec721cc1d373ad35d6895d 96681997b700168a435fdcfd4cd19ad1760915cd f33c0d856ba8c8cc39c22d79b90cae7efd7d697b430842834676f0bd33c84c5d Loading...

	adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D	1.5 kB	2023-03-07	2024-04-25
Pretty URL adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D IP 129.97.208.14 ASN #12093 UWATERLOO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:03 Last Seen2024-04-25 02:01:47 Times Seen980 Hash 2468778aab7f738efe448e7286a89810 8e22d446ddabbc604fc639c8b39e11d150e1513f d0d79904eae708f6ab256d015cd7cea6de4dc38089e11b4a34639aea19855d5b Loading...

	adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D	4.0 kB	2023-03-07	2023-03-17
Pretty URL adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D IP 129.97.208.14 ASN #12093 UWATERLOO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:30:53 Last Seen2023-03-17 11:27:37 Times Seen1 Hash 3a30d9fae368f4ec88cd3f5aa6cb0110 e1d81007d629e845853a23504d6c97ea1c0f6df7 5069e2c54b82b9b2544ef04cd341cdc0a0f3d88a158da2737f6ccc4063fb7c55 Loading...

HTTP Transactions (29)

URL IP Response Size

learn.uwaterloo.ca/

35.182.159.118

302 Moved Temporarily

110 B

URL HTTP/1.1
learn.uwaterloo.ca/
IP
35.182.159.118:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
110 B (110 bytes)
Hash
f366e0e18b589cb6f243bf43ce75e83c
0f95dda86ab28586f00bc878b42ecd09e579a890
075f0fd7eeb4bfec31816d61be72b064d4899853b224bd5f380041d7dd0b1d19

HTTP Headers

GET / HTTP/1.1
Host: learn.uwaterloo.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Server: awselb/2.0
Date: Thu, 01 Sep 2022 22:35:23 GMT
Content-Type: text/html
Content-Length: 110
Connection: keep-alive
Location: https://learn.uwaterloo.ca:443/

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 21:41:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _ZhUxhZ1TUPpnuasAcDAuaF0LLjHFYxGM1t3clQM6cN9tAlqFWxHJw==
Age: 3238

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5522
Expires: Fri, 02 Sep 2022 00:07:25 GMT
Date: Thu, 01 Sep 2022 22:35:23 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UNveMGJd1uHy8VraNRTTi0xvD435YIEdbQ31tCyz2_n01dH1qtl6TQ==
age: 76807
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 22:35:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ab774934b42d6cacbcc8a9990832dab8
87faa255557d8f1f3c0ba60de105bb767669ff55
c60180b5d5cb09b558839a8372e1e2616bad58815b1fa670c59ad22ff890a92a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 22:35:23 GMT
Server: ECS (dcb/7F5C)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eNkAoiXt9mscOtp9h6zVOMyYZn5C1OhXm6w6-sI8tZCJf9K_uucP3w==

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 01 Sep 2022 21:57:05 GMT
Cache-Control: max-age=3600
Expires: Thu, 01 Sep 2022 22:02:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: b33K6YWZKxKYzjBLVzN2REsXV5PLvFe9_-tpwfJ-Ktbgxc04PKPU4w==
Age: 2299

learn.uwaterloo.ca/

99.79.134.154

302 Found

127 B

URL HTTP/2
learn.uwaterloo.ca/
IP
99.79.134.154:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
127 B (127 bytes)
Hash
297832be215934b68272a171af574a14
f7e70efa5ec98617675c5c116f69fabb4bb6a289
17df3487a44243af92791be1feb63e6dfe88ae2651a4a12bf02a5c5e0935cb3b

HTTP Headers

GET / HTTP/1.1
Host: learn.uwaterloo.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Thu, 01 Sep 2022 22:35:24 GMT
content-type: text/html; charset=utf-8
content-length: 127
cache-control: private
location: /d2l/login
server: Microsoft-IIS/10.0
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self' https://s.brightspace.com https://*.ally.ac https://leaplti.desire2learn.com/ https://leaplti-fr.brightspace.com/ https://tryleap.brightspace.com/ https://leaplti-es.desire2learn.com/ https://leaplti-ptbr.desire2learn.com/ https://leaplti-us.brightspace.com/ https://leaplti-apac.brightspace.com/ https://leaplti-emea.brightspace.com/ https://leapqa.net https://leaplti-ap.brightspace.com https://login.microsoftonline.com/ https://login.live.com/ https://cdn.lcs.brightspace.com/; report-uri /d2l/csp/report
X-Firefox-Spdy: h2

learn.uwaterloo.ca/d2l/login

99.79.134.154

302 Found

140 B

URL HTTP/2
learn.uwaterloo.ca/d2l/login
IP
99.79.134.154:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
140 B (140 bytes)
Hash
03a039921dc2e52bb786f144461a550c
f220548df841df104e8d6e153bf7b69d7ba54466
af02f5102a6cf38e192ce664cf2aed2fc88b33888d376b9c9083ff4d39b1f377

HTTP Headers

GET /d2l/login HTTP/1.1
Host: learn.uwaterloo.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 302 Found
date: Thu, 01 Sep 2022 22:35:24 GMT
content-type: text/html; charset=utf-8
content-length: 140
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
location: /d2l/lp/auth/saml/login
server: Microsoft-IIS/10.0
x-request-id: 1a76a68a-e0e6-4ce5-938d-f7372b34d30b
strict-transport-security: max-age=63113904
x-content-type-options: nosniff
set-cookie: ADRUM_BTa=R:0|g:76f555fe-5a48-452d-83d4-a4cea79627d9|n:D2L-Prod_407a60ed-b34d-40a0-8586-bc31d0988eb7; expires=Thu, 01-Sep-2022 22:35:54 GMT; path=/
SameSite=None; expires=Thu, 01-Sep-2022 22:35:54 GMT; path=/
ADRUM_BT1=R:0|i:266873|e:20; expires=Thu, 01-Sep-2022 22:35:54 GMT; path=/
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
link: <https://s.brightspace.com>; rel=preconnect
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5971
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 22:35:24 GMT
Last-Modified: Thu, 01 Sep 2022 20:55:53 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

learn.uwaterloo.ca/d2l/lp/auth/saml/login

99.79.134.154

302 Found

602 B

URL HTTP/2
learn.uwaterloo.ca/d2l/lp/auth/saml/login
IP
99.79.134.154:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (530), with CRLF line terminators
Size
602 B (602 bytes)
Hash
fda814f0341c564ddfafb9abf1df93c7
23a4f4a7ebd22604036908c040eb158ac9347536
d19405096522422590ebff433dcbc7f2b7a5b76d115004dbe0d51ca3f8887f43

HTTP Headers

GET /d2l/lp/auth/saml/login HTTP/1.1
Host: learn.uwaterloo.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ADRUM_BTa=R:0|g:76f555fe-5a48-452d-83d4-a4cea79627d9|n:D2L-Prod_407a60ed-b34d-40a0-8586-bc31d0988eb7; SameSite=None; ADRUM_BT1=R:0|i:266873|e:20
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 302 Found
date: Thu, 01 Sep 2022 22:35:24 GMT
content-type: text/html; charset=utf-8
content-length: 602
location: https://2fa-gw.uwaterloo.ca/dag/saml2/idp/SSOService.php?SAMLRequest=jdE9b4MwEAbgvVL%2fA%2fKODcYEsCBS1C6R0iVpO3SpDmMSJGNTn2n780saRe2Y7T70So%2fu6s0cTnavP2aNIdo%2bNgRhNP7Sv7cpbwsFedqvStEnq7LvoddlD1yt8kIIEr1qj4OzDeE0IdEWcdZbiwFsWEYJ53FSxUn6zLnMcskFzTJRlpV4I9EGUfuwZB%2bcxXnU%2fqD956D0y37XkFMIE0rGjAZv6fwFQXvjHFXAOm6YmRgsbmbccbDsLN6dK7rsSPQ9GosNmb2VDnBAaWHUKIOSh83TTi5QOXkXnHKGrO%2fvoqj%2bZftbgnBFk%2fWV2KtK50Uh4rblRSy6soshz8o4TYu0goRXnQAatF1OgrT1w%2fEUcAKlqXLjH71mF8QCqtn%2fn6x%2fAA%3d%3d
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
x-request-id: bbe39c12-2fcf-4bf6-9df0-af793252a92d
strict-transport-security: max-age=63113904
x-content-type-options: nosniff
set-cookie: ADRUM_BTa=R:0|g:38ec3256-1f3e-44f4-b799-91a0c7d4bd93|n:D2L-Prod_407a60ed-b34d-40a0-8586-bc31d0988eb7; expires=Thu, 01-Sep-2022 22:35:54 GMT; path=/
ADRUM_BT1=R:0|i:266873|e:35; expires=Thu, 01-Sep-2022 22:35:54 GMT; path=/
SameSite=None; expires=Thu, 01-Sep-2022 22:35:54 GMT; path=/
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
link: <https://s.brightspace.com>; rel=preconnect
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.39.57.61

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.57.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: K+LTbp+IiqNoAlEsbbapKw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ct45BofdGs0bKxbOB2hGttDA7I0=

2fa-gw.uwaterloo.ca/dag/saml2/idp/SSOService.php?SAMLRequest=jdE9b4MwEAbgvVL%2fA%2fKODcYEsCBS1C6R0iVpO3SpDmMSJGNTn2n780saRe2Y7T70So%2fu6s0cTnavP2aNIdo%2bNgRhNP7Sv7cpbwsFedqvStEnq7LvoddlD1yt8kIIEr1qj4OzDeE0IdEWcdZbiwFsWEYJ53FSxUn6zLnMcskFzTJRlpV4I9EGUfuwZB%2bcxXnU%2fqD956D0y37XkFMIE0rGjAZv6fwFQXvjHFXAOm6YmRgsbmbccbDsLN6dK7rsSPQ9GosNmb2VDnBAaWHUKIOSh83TTi5QOXkXnHKGrO%2fvoqj%2bZftbgnBFk%2fWV2KtK50Uh4rblRSy6soshz8o4TYu0goRXnQAatF1OgrT1w%2fEUcAKlqXLjH71mF8QCqtn%2fn6x%2fAA%3d%3d

129.97.208.56

302 Found

1.6 kB

URL HTTP/2
2fa-gw.uwaterloo.ca/dag/saml2/idp/SSOService.php?SAMLRequest=jdE9b4MwEAbgvVL%2fA%2fKODcYEsCBS1C6R0iVpO3SpDmMSJGNTn2n780saRe2Y7T70So%2fu6s0cTnavP2aNIdo%2bNgRhNP7Sv7cpbwsFedqvStEnq7LvoddlD1yt8kIIEr1qj4OzDeE0IdEWcdZbiwFsWEYJ53FSxUn6zLnMcskFzTJRlpV4I9EGUfuwZB%2bcxXnU%2fqD956D0y37XkFMIE0rGjAZv6fwFQXvjHFXAOm6YmRgsbmbccbDsLN6dK7rsSPQ9GosNmb2VDnBAaWHUKIOSh83TTi5QOXkXnHKGrO%2fvoqj%2bZftbgnBFk%2fWV2KtK50Uh4rblRSy6soshz8o4TYu0goRXnQAatF1OgrT1w%2fEUcAKlqXLjH71mF8QCqtn%2fn6x%2fAA%3d%3d
IP
129.97.208.56:0
ASN
#12093 UWATERLOO

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1290)
Size
1.6 kB (1591 bytes)
Hash
7bca25831ea24d36f50ed7768928aaf2
f033a5718a6f3f25a5b57094365331128322bd5d
e4fe847b0374768f6070349fd3b9a13f3ec51851724c18458d7336e07f3d0318

HTTP Headers

GET /dag/saml2/idp/SSOService.php?SAMLRequest=jdE9b4MwEAbgvVL%2fA%2fKODcYEsCBS1C6R0iVpO3SpDmMSJGNTn2n780saRe2Y7T70So%2fu6s0cTnavP2aNIdo%2bNgRhNP7Sv7cpbwsFedqvStEnq7LvoddlD1yt8kIIEr1qj4OzDeE0IdEWcdZbiwFsWEYJ53FSxUn6zLnMcskFzTJRlpV4I9EGUfuwZB%2bcxXnU%2fqD956D0y37XkFMIE0rGjAZv6fwFQXvjHFXAOm6YmRgsbmbccbDsLN6dK7rsSPQ9GosNmb2VDnBAaWHUKIOSh83TTi5QOXkXnHKGrO%2fvoqj%2bZftbgnBFk%2fWV2KtK50Uh4rblRSy6soshz8o4TYu0goRXnQAatF1OgrT1w%2fEUcAKlqXLjH71mF8QCqtn%2fn6x%2fAA%3d%3d HTTP/1.1
Host: 2fa-gw.uwaterloo.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D
server: Microsoft-IIS/10.0
content-security-policy: default-src 'self'; frame-src 'self' https://*.duosecurity.com https://*.duofederal.com; img-src 'self' data: https://static.duosecurity.com; object-src 'none'
x-content-security-policy: default-src 'self'; frame-src 'self' https://*.duosecurity.com https://*.duofederal.com; img-src 'self' data: https://static.duosecurity.com; object-src 'none'
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: deny
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-ua-compatible: IE=edge
set-cookie: _DUO_DAG_GLOBAL_=84635e3584b43af4c5fe92e12bf81f25; path=/; secure; HttpOnly
date: Thu, 01 Sep 2022 22:35:21 GMT
content-length: 1591
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
cd81fac41415d22ed09d0aa232ce9676
cb203ed09be24dacc8cdca009bfbca754d9caff9
fa6b8f1f91292fd343b7c13a271d5edb5805ae60b55de678103e372b2847c0b3

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 22:35:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Sep 2022 21:49:44 GMT
ETag: "cb203ed09be24dacc8cdca009bfbca754d9caff9"
Last-Modified: Thu, 01 Sep 2022 21:49:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74417a9bfc49b518-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10493
Expires: Fri, 02 Sep 2022 01:30:18 GMT
Date: Thu, 01 Sep 2022 22:35:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10493
Expires: Fri, 02 Sep 2022 01:30:18 GMT
Date: Thu, 01 Sep 2022 22:35:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10493
Expires: Fri, 02 Sep 2022 01:30:18 GMT
Date: Thu, 01 Sep 2022 22:35:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10493
Expires: Fri, 02 Sep 2022 01:30:18 GMT
Date: Thu, 01 Sep 2022 22:35:25 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9642 bytes)
Hash
d0c1e7f6c9e17585905fdbe9ae4da50b
67192f5be476ac4dada66dc9fbe26469d62e2d78
21ca880b36bbb7791f8df2bf9830f11a960692123dd6dde5be42bda004dc428b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9642
x-amzn-requestid: 52c698d7-6419-4614-9c53-68a265266337
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjbEvgoAMFkKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-547a72850cce71da013383f5;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: I3pDTq3EeJJtzJFsAFaym7cV5nCrwFailDRzgA3QkAFOYj3xV43v2w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
etag: "67192f5be476ac4dada66dc9fbe26469d62e2d78"
content-type: image/jpeg
age: 3479
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6196 bytes)
Hash
5e05660322f0368dd2bf8067d7e4554d
ec65cb47d86488f734c945a210d5f636a40fea2c
98875230ec45766102191bdc4180742fa3b8f3ad5ad1a128d12437105f86247e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6196
x-amzn-requestid: a7d6ce70-06d7-498c-8024-80185a3fc3e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyLFmVIAMFkcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112674-3fad622927177e9236d7c50a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAMCgNpYR80vXSDyHFOFcbT8VukBemR2AGoGNaCfYaszKshu-gv6zg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:54:15 GMT
age: 2470
etag: "ec65cb47d86488f734c945a210d5f636a40fea2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9de9889-f1f6-417e-954b-af2056b62982.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12204 bytes)
Hash
e10519422b7ff91c72bcf2234cea36cf
63cff2232383d9d7f2371d1f60cf7923b629fc82
71a4bfc0031e0f6152c441f4bf413c6e953f38a587a95900f3a6c63beecafb4b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9de9889-f1f6-417e-954b-af2056b62982.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12204
x-amzn-requestid: 5293c66e-68d3-472a-a6d2-69f161262f26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMLDGK6oAMFTzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112713-66d01d9c2d12d55c465c5108;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:41:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cH0sSIFu5fSPywh8xnc0AHgD053jRBz3QLBSCk0IkcQwez-1M9hCJQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:54:18 GMT
age: 2467
etag: "63cff2232383d9d7f2371d1f60cf7923b629fc82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff072eb8c-1ad5-404f-85b3-2242f38757f6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4924 bytes)
Hash
ae78f10cef02197bf19d5ff1d2703fdf
3f7dbd409d7d110b135ee32b8ebcdb9ac3591e66
b5c74c5cea04e6da2d3e886dd26adc83af98bb881aa134b7fa0693dbf8b90a52

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff072eb8c-1ad5-404f-85b3-2242f38757f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4924
x-amzn-requestid: 89f18b72-50e3-4e1a-9a4a-e1e61d078fba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XW1o-GO2IAMFyxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6305cfd2-0987c8217bfd77c91f107265;Sampled=0
x-amzn-remapped-date: Wed, 24 Aug 2022 07:14:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F4gQvi_hdsdDXSys6Sv0-5XWXE-nMH6H-qb5jRvuln8o_r7SKdqU7g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 09:13:42 GMT
age: 48103
etag: "3f7dbd409d7d110b135ee32b8ebcdb9ac3591e66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43d94e54-2c67-403b-b94b-ef5e36cb5e26.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7156 bytes)
Hash
14e82032ab44011167c9d2d9695a3198
d3fda6718ab89268e82bde16b06a96354fa3d57b
2f073e250e9956e82038d29df1de50df864e2c22e4604bbd78d1e62188ae9197

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43d94e54-2c67-403b-b94b-ef5e36cb5e26.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7156
x-amzn-requestid: e2b38429-0492-4319-9c72-5a1619c78420
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMO2EKcoAMFrrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311272b-69d66f695cf1a07f0fae433c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kpPP3oOPJ0CPFcrn_69SQa_tDp3VGWYBSX2_LVD-wT0tUuQCUkQoAQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:54:17 GMT
age: 2468
etag: "d3fda6718ab89268e82bde16b06a96354fa3d57b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10435 bytes)
Hash
955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
age: 3479
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D

129.97.208.14

200 OK

52 kB

URL HTTP/1.1
adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D
IP
129.97.208.14:0
ASN
#12093 UWATERLOO

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document textAlgol 68 source text\012- Pascal source, Unicode text, UTF-8 text, with very long lines (750), with CRLF line terminators
Size
52 kB (52186 bytes)
Hash
511bec499b57a99d62daa49640d7f89c
e2cfb116b1a31ac8e66b0d00e7061e20339dcbad
c6c9424b048f789d590b4804338a61d9015ec4b831e66eb955ce65dd36255249

Detections

Analyzer	Verdict	Alert
urlquery		Phishing website detected
urlquery		Phishing website detected

HTTP Headers

GET /adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D HTTP/1.1
Host: adfs.uwaterloo.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Pragma: no-cache
Content-Length: 52186
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-HTTPAPI/2.0
X-Frame-Options: DENY
Date: Thu, 01 Sep 2022 22:35:25 GMT

adfs.uwaterloo.ca/adfs/portal/css/style.css?id=615E36F5EA12771BAD69A2F6E6DEED52A9107CFE6E7C453268D8190A4BD97705

129.97.208.14

200 OK

23 kB

URL HTTP/1.1
adfs.uwaterloo.ca/adfs/portal/css/style.css?id=615E36F5EA12771BAD69A2F6E6DEED52A9107CFE6E7C453268D8190A4BD97705
IP
129.97.208.14:0
ASN
#12093 UWATERLOO

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (509), with CRLF line terminators
Size
23 kB (22819 bytes)
Hash
6f49cc7a73125822a9a971dfadbe832c
c69ee4a21af246132c9d33495e652a5bd50cabc8
615e36f5ea12771bad69a2f6e6deed52a9107cfe6e7c453268d8190a4bd97705

HTTP Headers

GET /adfs/portal/css/style.css?id=615E36F5EA12771BAD69A2F6E6DEED52A9107CFE6E7C453268D8190A4BD97705 HTTP/1.1
Host: adfs.uwaterloo.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 22819
Content-Type: text/css
Expires: Sat, 01 Oct 2022 22:35:26 GMT
ETag: 615E36F5EA12771BAD69A2F6E6DEED52A9107CFE6E7C453268D8190A4BD97705
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 01 Sep 2022 22:35:25 GMT

adfs.uwaterloo.ca/adfs/portal/logo/logo.png?id=CEA0679CC74562563C047CA36093A8B3F4B0A400624EE1BFDDE15F4120FA9DFB

129.97.208.14

200 OK

9.3 kB

URL HTTP/1.1
adfs.uwaterloo.ca/adfs/portal/logo/logo.png?id=CEA0679CC74562563C047CA36093A8B3F4B0A400624EE1BFDDE15F4120FA9DFB
IP
129.97.208.14:0
ASN
#12093 UWATERLOO

File type
PNG image data, 300 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
9.3 kB (9290 bytes)
Hash
414051c7bfd2c83880163cb06e2fc9b2
52fb8894983a7542e08285264ec8e152c6edbb51
cea0679cc74562563c047ca36093a8b3f4b0a400624ee1bfdde15f4120fa9dfb

HTTP Headers

GET /adfs/portal/logo/logo.png?id=CEA0679CC74562563C047CA36093A8B3F4B0A400624EE1BFDDE15F4120FA9DFB HTTP/1.1
Host: adfs.uwaterloo.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 9290
Content-Type: image/png
Expires: Sat, 01 Oct 2022 22:35:26 GMT
ETag: CEA0679CC74562563C047CA36093A8B3F4B0A400624EE1BFDDE15F4120FA9DFB
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 01 Sep 2022 22:35:26 GMT

adfs.uwaterloo.ca/favicon.ico

129.97.208.14

404 Not Found

315 B

URL HTTP/1.1
adfs.uwaterloo.ca/favicon.ico
IP
129.97.208.14:0
ASN
#12093 UWATERLOO

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
315 B (315 bytes)
Hash
67932d4b695e1d6b19dfc2e3610761ff
a66898b36c94c53766e66c1a7aaeb149447ec083
ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: adfs.uwaterloo.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 01 Sep 2022 22:35:26 GMT
Connection: close
Content-Length: 315

adfs.uwaterloo.ca/adfs/portal/illustration/illustration.jpg?id=09549FE9CAE3CE0425FED2813AEFB70EE60FB2ADA7BA3ADB605061ECE8C12D33

129.97.208.14

200 OK

227 kB

URL HTTP/1.1
adfs.uwaterloo.ca/adfs/portal/illustration/illustration.jpg?id=09549FE9CAE3CE0425FED2813AEFB70EE60FB2ADA7BA3ADB605061ECE8C12D33
IP
129.97.208.14:0
ASN
#12093 UWATERLOO

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1420x751, components 3\012- data
Size
227 kB (227151 bytes)
Hash
f2552645607d30d86aa461f1b47e7ea7
f820e0e3b360db30e3842d9b6b532093a22d351a
09549fe9cae3ce0425fed2813aefb70ee60fb2ada7ba3adb605061ece8c12d33

HTTP Headers

GET /adfs/portal/illustration/illustration.jpg?id=09549FE9CAE3CE0425FED2813AEFB70EE60FB2ADA7BA3ADB605061ECE8C12D33 HTTP/1.1
Host: adfs.uwaterloo.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adfs.uwaterloo.ca/adfs/ls?SAMLRequest=nZJPb%2BIwEMW%2FSuR7SOI2BSxAYouqIvUPKnQPe6mmtgOWHDv1jEv77WvCrlouHPZk6Xne889PM0FobSfmkXbuSb9FjZR9tNah6C%2BmLAYnPKBB4aDVKEiK9fz%2BTvBBKbrgyUtv2Q%2FLeQcg6kDGO5YtF1P2UoOqquaVX6hyLIGPYAzlUF2NZFXKquZ1fdkMR7UeVsCy3zpgck5ZCkp2xKiXDgkcJankPC%2FHeVltOBcXteD8D8sW6TfGAfWuHVGHoihANTiIeyAdrPcDCb1SWGTZ%2FB%2FdtXcYWx3WOrwbqZ%2Bf7r79vIF8uz9NULAtWq%2Bi1YNu1xWHHgo8njwHib2qon9JjX18smz1t7hfxinjtuc7ez0OobjdbFb56nG9YbPJIVr0HYTZf5C1mkABwSnYpPgZOzmuxkMCWi5W3hr5md340AKd5z0oRuVNPyoogEOjHaV6rfX766AT3pRRiJoVs%2BOTpws4%2BwI%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 227151
Content-Type: image/jpg
Expires: Sat, 01 Oct 2022 22:35:26 GMT
ETag: 09549FE9CAE3CE0425FED2813AEFB70EE60FB2ADA7BA3ADB605061ECE8C12D33
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 01 Sep 2022 22:35:26 GMT

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (29)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size