Report - highest-value.me/steam_gift

Report Overview

Submitted URL
highest-value.me/steam_gift_cards
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-03 18:31:41
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	44.237.93.5
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	51 kB	34.120.237.76
d13pxqgp3ixdbh.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	444 kB	54.230.245.196
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	5.6 kB	216.58.211.3
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.6 kB	142.250.74.74
d1j9qsxe04m2ki.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	22 kB	143.204.42.39
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	476 B	47 kB	142.250.74.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	31 kB	142.250.74.42
dwmsurhf1svv8.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	9.8 kB	143.204.42.148
highest-value.me	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	24 kB	188.114.97.1
queue.simpleanalyticscdn.com	90928	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	614 B	408 B	185.165.243.49
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
browser.sentry-cdn.com	4393	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	22 kB	151.101.66.217
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.3 kB	142.250.74.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-12-03	medium	highest-value.me/steam_gift_cards	Steam

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-03	medium	d1j9qsxe04m2ki.cloudfront.net/3ab2a57.js	Malware
2022-12-03	medium	highest-value.me/cdn-cgi/apps/head/d7ItVQyEfVFZlWq9HWMBlvbFj70.js	Phishing
2022-12-03	medium	dwmsurhf1svv8.cloudfront.net/public/external/v2/html.2309828.9e779.0.js	Phishing
2022-12-03	medium	highest-value.me/steam_gift_cards	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	browser.sentry-cdn.com/6.4.1/bundle.min.js	68 kB	2023-03-07	2024-04-26
Pretty URL browser.sentry-cdn.com/6.4.1/bundle.min.js IP 151.101.66.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:11 Last Seen2024-04-26 00:31:42 Times Seen811 Hash c2bcb2b153e152ba850057a843064c5f cdb5e35cf2c53fec13a111579eea73b08bb86bb3 22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 15:25:47 Times Seen384786 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	highest-value.me/cdn-cgi/apps/head/d7ItVQyEfVFZlWq9HWMBlvbFj70.js	4.9 kB	2023-03-08	2023-05-24
Pretty URL highest-value.me/cdn-cgi/apps/head/d7ItVQyEfVFZlWq9HWMBlvbFj70.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:27:59 Last Seen2023-05-24 15:03:11 Times Seen2 Hash 25bd03c2811a7ebe684ccd8a2e375d18 e4a993f7314ce0cdbcd4205a279cb385847928c8 4cf2310236b9dcfbb00ee7f28fa5f17737871f780fde5da7f1a26a47d01182f2 Loading...

	highest-value.me/cdn-cgi/apps/body/xZj3hSF7DCgEyWHFjPFirnSfGxg.js	10 kB	2023-03-08	2023-05-24
Pretty URL highest-value.me/cdn-cgi/apps/body/xZj3hSF7DCgEyWHFjPFirnSfGxg.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:27:59 Last Seen2023-05-24 15:03:11 Times Seen3 Hash 61aba83efb526bf3898690aa48389a14 c4c6369d4f0b01987f0e912a75f4269aec909905 207ed63471decb07a44bb82a2b26fe8fc55bbf61823c3c78c90d5fb076afc25b Loading...

	dwmsurhf1svv8.cloudfront.net/public/external/v2/html.2309828.9e779.0.js	11 kB	2023-03-08	2023-03-10
Pretty URL dwmsurhf1svv8.cloudfront.net/public/external/v2/html.2309828.9e779.0.js IP 143.204.42.148 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:27:59 Last Seen2023-03-10 19:49:53 Times Seen1 Hash 75ce90ca3b1999d22be7661c56db4501 d8069bd8b4cd97a3910118178d55bdcf8eeb9c21 c4e096780737388ee65f26f9f231687e8cb6de958274949c84fe46d0c3ed409c Loading...

	d1j9qsxe04m2ki.cloudfront.net/3ab2a57.js	24 kB	2023-03-08	2023-11-26
Pretty URL d1j9qsxe04m2ki.cloudfront.net/3ab2a57.js IP 143.204.42.39 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:24 Last Seen2023-11-26 18:29:55 Times Seen9 Hash d0adadb877ad5f27d0c2a369cd5acb5e 4ee565818994fde68a09b430af6307be75e4e3d5 988df212c000f1c5b3043b9813ed991815089f0dac63ad094351eb372166f9ff Loading...

	highest-value.me/steam_gift_cards	2 B	2023-03-07	2024-04-26
Pretty URL highest-value.me/steam_gift_cards IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2024-04-26 14:48:13 Times Seen13148 Hash e1c06d85ae7b8b032bef47e42e4c08f9 71853c6197a6a7f222db0f1978c7cb232b87c5ee 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070 Loading...

	highest-value.me/steam_gift_cards	283 B	2023-03-07	2024-04-20
Pretty URL highest-value.me/steam_gift_cards IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:11 Last Seen2024-04-20 19:00:25 Times Seen335 Hash b1df226ab42c09ce6a792b290b3bebc6 e0e82995a0e621550d4f06b3c5bbf6048fa355e6 a659c5ed40f29750a59c8e9ef6197ee2a2a684c592cebe5731c68fc67a451a43 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	highest-value.me/steam_gift_cards	198 B	2023-03-08	2023-05-24
Pretty URL highest-value.me/steam_gift_cards IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:27:59 Last Seen2023-05-24 15:03:11 Times Seen2 Hash 363b332bd0c803591f2f9b54d844dfd5 4a5ab6e9055f33340dcfce0f230891d2db8c67eb e1bab1a6f1e4e02fb5f4e9d4d03a76871d13faa5d64cef23e2ab2915cae0ac12 Loading...

	highest-value.me/steam_gift_cards	100 B	2023-03-07	2024-04-26
Pretty URL highest-value.me/steam_gift_cards IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:11 Last Seen2024-04-26 00:31:42 Times Seen338 Hash a5cc51eb35cd19f73a6508983ec0ed26 5d7abc7ff4b7dbd2db23b751ac2835c2176dd2e9 4a23cdefba5e854576b5ca870a9ddbfa34d26c3bb92776e7d8c51ad12510107d Loading...

	dwmsurhf1svv8.cloudfront.net/public/external/check.php?it=2309828&time=1670092292279	78 B	2023-03-07	2023-11-10
Pretty URL dwmsurhf1svv8.cloudfront.net/public/external/check.php?it=2309828&time=1670092292279 IP 143.204.42.148 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:27 Last Seen2023-11-10 15:11:30 Times Seen878 Hash 37ebc78db9bc22d4c972c5961163070c 865e3671f7e86b52d2f7b006b95ec7799a187572 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b Loading...

	highest-value.me/steam_gift_cards	148 B	2023-03-07	2024-04-26
Pretty URL highest-value.me/steam_gift_cards IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:11 Last Seen2024-04-26 00:31:42 Times Seen384 Hash 4231df4e31831961a937cba958c59559 f3d72b5781df7ddeebf11e5252d26f79e3221a84 52734e73487d2d3aa7d574b7324b733f8793bf79b356e386e245869952eacf1b Loading...

	highest-value.me/steam_gift_cards	516 B	2023-03-08	2023-05-24
Pretty URL highest-value.me/steam_gift_cards IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:27:59 Last Seen2023-05-24 15:03:11 Times Seen2 Hash 4608341ad63f5d559dfb0b6d2617163a afd7e8f30728b8e8198c70c9ad27062370010528 1efc7b95fd2a5a0920af7d6287dd1b7b20607fbfabe2e953f1a942d53a29f0a5 Loading...

	highest-value.me/steam_gift_cards	5.9 kB	2023-03-08	2023-05-24
Pretty URL highest-value.me/steam_gift_cards IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:27:59 Last Seen2023-05-24 15:03:11 Times Seen4 Hash ed0fd9ff5787bbc5326f73811ccafcff 211bc133bc52821e93f7c6170d3d23c2d82fddb8 d64441ed1b6229c881f04e6b2daa9848261b2763bd0ff596aec72bb111f5e209 Loading...

	dwmsurhf1svv8.cloudfront.net/public/guid?cpguid=gj8leixe3&e=ll&t=1670092290798	0 B	2023-03-07	2024-04-26
Pretty URL dwmsurhf1svv8.cloudfront.net/public/guid?cpguid=gj8leixe3&e=ll&t=1670092290798 IP 143.204.42.148 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 15:25:47 Times Seen37094355 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (54)

URL IP Response Size

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6583
Cache-Control: max-age=150566
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:31:29 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 12:20:55 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12664
Expires: Sat, 03 Dec 2022 22:02:33 GMT
Date: Sat, 03 Dec 2022 18:31:29 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 18:20:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 689
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7425
Expires: Sat, 03 Dec 2022 20:35:14 GMT
Date: Sat, 03 Dec 2022 18:31:29 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: d2DFy1j1MsQbZkbQAvuZQWdQILEOXlG2ByRPhjUe+znjf6ycrQ8FcmbkoQrtfznpuI9EN70xlRY=
x-amz-request-id: YYXX0N0PVEKNS3CC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 17:46:39 GMT
age: 2691
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/2hmFFcKnzNw

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/2hmFFcKnzNw
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
106855b53e1c2f042e2f106996115b81
94eb26aaac9cbeba619652774de0f7d340020d0c
d39b7afd0c184dadb2f55a0dbe090893703eafde13a16fbb7f6876fb633b68c2

HTTP Headers

POST /s/gts1p5/2hmFFcKnzNw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:31:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:31:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 18:11:18 GMT
cache-control: public,max-age=3600
age: 1212
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6567
Cache-Control: max-age=145488
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:31:30 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:56:18 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

44.237.93.5

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.237.93.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8MltvmrsNHX18xXXQkek9Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: z57n2Iua/5yS/aY9p3G45kDE1h0=

ocsp.pki.goog/s/gts1p5/2hmFFcKnzNw

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/2hmFFcKnzNw
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
106855b53e1c2f042e2f106996115b81
94eb26aaac9cbeba619652774de0f7d340020d0c
d39b7afd0c184dadb2f55a0dbe090893703eafde13a16fbb7f6876fb633b68c2

HTTP Headers

POST /s/gts1p5/2hmFFcKnzNw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:31:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:31:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

browser.sentry-cdn.com/6.4.1/bundle.min.js

151.101.66.217

200 OK

21 kB

URL HTTP/2
browser.sentry-cdn.com/6.4.1/bundle.min.js
IP
151.101.66.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65448)
Size
21 kB (20972 bytes)
Hash
42639cce5db857005b8285dedd67553d
a24a4a308123397a9a786645f5843e70653d8552
2b5b83c27b4f52cb3fe8cebc8412b3ceb7c62a2dca290eef38117c33c85b3c66

HTTP Headers

GET /6.4.1/bundle.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://highest-value.me
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 23 Sep 2023 05:15:36 GMT
last-modified: Wed, 19 May 2021 16:36:38 GMT
etag: "42639cce5db857005b8285dedd67553d"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 18:31:31 GMT
age: 6182155
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20972
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Itim

142.250.74.74

200 OK

883 B

URL HTTP/2
fonts.googleapis.com/css?family=Itim
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
883 B (883 bytes)
Hash
23cf960dc49558efe35fc9843198f8d1
95db7ac3e258209bff9732209fc23ea157809d22
9b24c8193fe830d31a1fb55239cef2dca744dbb6dbc7d4f602f027132f706483

HTTP Headers

GET /css?family=Itim HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 18:31:31 GMT
date: Sat, 03 Dec 2022 18:31:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.42

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
6d973c8b7e2439d958e09c0a1ab9fe50
05ae0830200c20b9a2dfd5a825adc400481a60fb
f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:18:58 GMT
expires: Wed, 29 Nov 2023 14:18:58 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 360753
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:31:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d1j9qsxe04m2ki.cloudfront.net/3ab2a57.js

143.204.42.39

200 OK

21 kB

URL HTTP/2
d1j9qsxe04m2ki.cloudfront.net/3ab2a57.js
IP
143.204.42.39:0
ASN
#16509 AMAZON-02

File type
C source, ASCII text, with very long lines (1637), with CRLF line terminators
Size
21 kB (21244 bytes)
Hash
c182b6ff8a08bdfa9234ca9498378621
5587087cb756176a5d999503d6df60b5462c34e8
376694f84b1b55dc1d14803e699b73f03081ea87894ceb9d0900acbc875e2ecc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /3ab2a57.js HTTP/1.1
Host: d1j9qsxe04m2ki.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Sun, 30 Oct 2022 13:50:57 GMT
server: AmazonS3
content-encoding: br
date: Sat, 03 Dec 2022 18:29:12 GMT
etag: W/"d0adadb877ad5f27d0c2a369cd5acb5e"
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GDhSIzQDjqcWrTB6zH0t8j5XF1ROsrziHopFoyVPzY2IJXXkpAC9Fg==
age: 227
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:31:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/itim/v10/0nknC9ziJOYe8ANAkA.woff2

142.250.74.35

200 OK

46 kB

URL HTTP/2
fonts.gstatic.com/s/itim/v10/0nknC9ziJOYe8ANAkA.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 45752, version 1.0\012- data
Size
46 kB (45752 bytes)
Hash
f56c2ebf80ea6f53e6c602b21c8cf8cc
6ef559403894396c4dcc2c7b72e5daf881d1342f
8a07378dcabf77bed73e6bf59be4d6aed5f91eee7bad32eb56d84862e0a054ed

HTTP Headers

GET /s/itim/v10/0nknC9ziJOYe8ANAkA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://highest-value.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 03:56:42 GMT
expires: Thu, 30 Nov 2023 03:56:42 GMT
cache-control: public, max-age=31536000
age: 311689
last-modified: Tue, 26 Apr 2022 15:27:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:31:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12394
Expires: Sat, 03 Dec 2022 21:58:06 GMT
Date: Sat, 03 Dec 2022 18:31:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12394
Expires: Sat, 03 Dec 2022 21:58:06 GMT
Date: Sat, 03 Dec 2022 18:31:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12394
Expires: Sat, 03 Dec 2022 21:58:06 GMT
Date: Sat, 03 Dec 2022 18:31:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12394
Expires: Sat, 03 Dec 2022 21:58:06 GMT
Date: Sat, 03 Dec 2022 18:31:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12394
Expires: Sat, 03 Dec 2022 21:58:06 GMT
Date: Sat, 03 Dec 2022 18:31:32 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6174 bytes)
Hash
b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 00:57:24 GMT
age: 63248
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dwmsurhf1svv8.cloudfront.net/public/external/css_front.css

143.204.42.148

200 OK

6.6 kB

URL HTTP/2
dwmsurhf1svv8.cloudfront.net/public/external/css_front.css
IP
143.204.42.148:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
6.6 kB (6596 bytes)
Hash
2649f9832b1ede1bca6b60a16e50a676
c96e86a59be0ab5f2a1c86558205193597822742
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

HTTP Headers

GET /public/external/css_front.css HTTP/1.1
Host: dwmsurhf1svv8.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
content-length: 6596
date: Sat, 03 Dec 2022 18:31:32 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
last-modified: Tue, 23 Jun 2020 20:06:47 GMT
etag: "19c4-5a8c5e62e9d0a"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dRRbBrZKbLHn_EgMsKs9nj_w3hWR70mxnZRxodOKFTR5oFN7oGb_KQ==
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.9 kB (2942 bytes)
Hash
b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 48564
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5354 bytes)
Hash
1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -AurmlKwF0QgfsWBsV3ZN9ZyDhw1Zo82zUqrpkBbvbCfh0j7evV2Tg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 11:01:04 GMT
age: 27028
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9715 bytes)
Hash
45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 74426
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7732 bytes)
Hash
379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V4Z3TZtTDMjnyxZx7VdJrKtZ-PbZkWnsQ0-1eFDem4TVyRGvk0dc7A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:39:57 GMT
age: 75095
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
fcb89ca25035b2bbb71ae5dd175fcd40
544428cdad754b1bb7be3cd46a79bf078fd5b450
36dcbbe6cd2710ee502776b4bcf32053e92b750a55e2bd4cdeadbc694c7c2699

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: c824c317-e6e3-4006-9f9d-ea54e8170a4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_tGErIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-7fc523296afea4dd4b5d1de8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bd85z5A6C0nxpDjeSEPp1NHJxXFO5sy1OgTLz7KpdWz61TNrfyQ47Q==
via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 03:53:20 GMT
age: 52692
etag: "544428cdad754b1bb7be3cd46a79bf078fd5b450"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

d13pxqgp3ixdbh.cloudfront.net/uploads/16043656942322cec5430f36cf035cf9b2c3c8c619.png

54.230.245.196

200 OK

21 kB

URL HTTP/2
d13pxqgp3ixdbh.cloudfront.net/uploads/16043656942322cec5430f36cf035cf9b2c3c8c619.png
IP
54.230.245.196:0
ASN
#16509 AMAZON-02

File type
PNG image data, 250 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (21164 bytes)
Hash
680467e8eccc72a5512c5238d8d841b2
27c75ef7e5225d428980f82edc89ea1ba202380c
f9639f4e8f162a205fd48f902e18b276feb54e3c965254bcb799aa10a5e2c5d8

HTTP Headers

GET /uploads/16043656942322cec5430f36cf035cf9b2c3c8c619.png HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 21164
date: Sat, 03 Dec 2022 01:55:54 GMT
last-modified: Tue, 03 Nov 2020 01:08:15 GMT
etag: "680467e8eccc72a5512c5238d8d841b2"
x-amz-version-id: OHfj8jnH0xp7_RCuC01bCYJBk2pkGx12
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 14KEk3nfGPFPogx96NsNkzQHNE48b0dc4U8jlQ5I-KJZSb4H71gVlw==
age: 59739
X-Firefox-Spdy: h2

d13pxqgp3ixdbh.cloudfront.net/uploads/16062837737ad447fbf89dbabf6c61fbdc0f21937a.jpg

54.230.245.196

200 OK

173 kB

URL HTTP/2
d13pxqgp3ixdbh.cloudfront.net/uploads/16062837737ad447fbf89dbabf6c61fbdc0f21937a.jpg
IP
54.230.245.196:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size
173 kB (172762 bytes)
Hash
5fa9abfa7bba6b586160a76ab150a062
074aa183f0c5e3b29bd6920a253197a548787c60
3001a7ed67f8154c0e9e8d5beacda02ac66804292a09347cabdc8408856e747c

HTTP Headers

GET /uploads/16062837737ad447fbf89dbabf6c61fbdc0f21937a.jpg HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/jpg
content-length: 172762
last-modified: Wed, 25 Nov 2020 05:56:14 GMT
x-amz-version-id: SSyI2NOr2RULuHX6gF8JHEzbatA5zRAL
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Dec 2022 04:37:21 GMT
etag: "5fa9abfa7bba6b586160a76ab150a062"
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aBbhij0GecxgGrPlqSjCvW0DPkJTUgwRgEuBNFDF-xr7i_cqN1tJGA==
age: 50051
X-Firefox-Spdy: h2

d13pxqgp3ixdbh.cloudfront.net/uploads/1606283775f661f1da1731e5bd35b885e9dd3589e5.png

54.230.245.196

200 OK

40 kB

URL HTTP/2
d13pxqgp3ixdbh.cloudfront.net/uploads/1606283775f661f1da1731e5bd35b885e9dd3589e5.png
IP
54.230.245.196:0
ASN
#16509 AMAZON-02

File type
PNG image data, 327 x 160, 8-bit/color RGBA, non-interlaced\012- data
Size
40 kB (40108 bytes)
Hash
f6ae1259f63891633ceac2b300fd40e0
a8e6550bc977a45b660267e71f5e51a698b6fd24
bf469ba3c67e5be05a57d8ac13d86bd13c33d6dc829b1126bd2b9e8a0b67aafc

HTTP Headers

GET /uploads/1606283775f661f1da1731e5bd35b885e9dd3589e5.png HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 40108
last-modified: Wed, 25 Nov 2020 05:56:16 GMT
x-amz-version-id: jEylxWIr1AfG6_QRjMWu6QleYv5sEGhe
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Dec 2022 04:37:19 GMT
etag: "f6ae1259f63891633ceac2b300fd40e0"
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vFeCihb_BedSFT30sMQES9V8ciLIaLRFlWYhicl15nAtUpZGHEO5Ig==
age: 50054
X-Firefox-Spdy: h2

d13pxqgp3ixdbh.cloudfront.net/uploads/160628377447f68b6aa08edb62e509bab0c0fc51dc.png

54.230.245.196

200 OK

68 kB

URL HTTP/2
d13pxqgp3ixdbh.cloudfront.net/uploads/160628377447f68b6aa08edb62e509bab0c0fc51dc.png
IP
54.230.245.196:0
ASN
#16509 AMAZON-02

File type
PNG image data, 160 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
68 kB (68116 bytes)
Hash
ff9094a5fc6b464a5a39147ed38d68a9
49baa542c0355cc3d838f8ac8c0dd6c829cb1a87
e7f84c9dabcb42f81f241750d9a71317ff1df2ff0d39c6c7c13ed40497bfb306

HTTP Headers

GET /uploads/160628377447f68b6aa08edb62e509bab0c0fc51dc.png HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 68116
last-modified: Wed, 25 Nov 2020 05:56:15 GMT
x-amz-version-id: hx3jH6caL8_XcxjNrTZK6x8LAXZWPI3g
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Dec 2022 00:32:45 GMT
etag: "ff9094a5fc6b464a5a39147ed38d68a9"
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -XzvO7ewGbeHdloaWfiIu5g-UCnEyO21mYCI5tTOlip_w6nZ1mPVlw==
age: 64728
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:31:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

highest-value.me/cdn-cgi/apps/head/d7ItVQyEfVFZlWq9HWMBlvbFj70.js

188.114.97.1

200 OK

22 kB

URL HTTP/2
highest-value.me/cdn-cgi/apps/head/d7ItVQyEfVFZlWq9HWMBlvbFj70.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (671)
Size
22 kB (21656 bytes)
Hash
879391cafc48f08f69201e85069a0a50
0bd6a1c0845c781147e4a50ec3ecf53ffb9ef651
a905f07f249e0ba3fd9fd9b0fa8e161a8d5f9342235177ba27904bc6e6c9197a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/apps/head/d7ItVQyEfVFZlWq9HWMBlvbFj70.js HTTP/1.1
Host: highest-value.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:31:31 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: VpqLfmuvfYmObpXWHA97tQR0VFpMSkmlnJ47UUm0XFQN8LhijEb0toMGxvipjdDWt+Q22zWzHyM=
x-amz-request-id: WYVYFTQST3RRK6SK
cache-control: public, max-age=31536000
last-modified: Sat, 30 Jul 2022 17:43:02 GMT
x-amz-version-id: kSSEn77QL7RPD5LMylT4RyinIzHgGqtn
etag: W/"a648bdaf8f2402661905d7fafd6567cf"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YSDjrR7b9LdqAb38WLApb7pG7mugqbrM7ePTtRVjjgF%2F2HwcjYbiBUXYIBo3%2BOonnVlmTMz83IYKg7MlDPaiNtoXzvznllNvmWlCGjAsd2eoBDbQK5uZREwX%2B9%2BIwbt8T5K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e6135199b0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:31:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j98&a=755136357&t=pageview&_s=1&dl=https%3A%2F%2Fhighest-value.me%2Fsteam_gift_cards&ul=en-us&de=UTF-8&dt=Steam%20Gift%20Card%20Online%20Generator%202021&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=860787373&gjid=1473019805&cid=1700532191.1670092290&tid=UA-206881734-3&_gid=172411183.1670092290&_r=1&_slc=1&z=2015545341

142.250.74.110

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=755136357&t=pageview&_s=1&dl=https%3A%2F%2Fhighest-value.me%2Fsteam_gift_cards&ul=en-us&de=UTF-8&dt=Steam%20Gift%20Card%20Online%20Generator%202021&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=860787373&gjid=1473019805&cid=1700532191.1670092290&tid=UA-206881734-3&_gid=172411183.1670092290&_r=1&_slc=1&z=2015545341
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

HTTP Headers

POST /j/collect?v=1&_v=j98&a=755136357&t=pageview&_s=1&dl=https%3A%2F%2Fhighest-value.me%2Fsteam_gift_cards&ul=en-us&de=UTF-8&dt=Steam%20Gift%20Card%20Online%20Generator%202021&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=860787373&gjid=1473019805&cid=1700532191.1670092290&tid=UA-206881734-3&_gid=172411183.1670092290&_r=1&_slc=1&z=2015545341 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://highest-value.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://highest-value.me
date: Sat, 03 Dec 2022 18:31:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j98&a=755136357&t=pageView&_s=1&dl=https%3A%2F%2Fhighest-value.me%2Fsteam_gift_cards&ul=en-us&de=UTF-8&dt=Steam%20Gift%20Card%20Online%20Generator%202021&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEDAAEABAAAAACAAI~&jid=2107661378&gjid=793815076&cid=1700532191.1670092290&tid=UA-85922709-2&_gid=172411183.1670092290&_r=1&_slc=1&cd1=0&z=1815790447

142.250.74.110

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=755136357&t=pageView&_s=1&dl=https%3A%2F%2Fhighest-value.me%2Fsteam_gift_cards&ul=en-us&de=UTF-8&dt=Steam%20Gift%20Card%20Online%20Generator%202021&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEDAAEABAAAAACAAI~&jid=2107661378&gjid=793815076&cid=1700532191.1670092290&tid=UA-85922709-2&_gid=172411183.1670092290&_r=1&_slc=1&cd1=0&z=1815790447
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

HTTP Headers

POST /j/collect?v=1&_v=j98&a=755136357&t=pageView&_s=1&dl=https%3A%2F%2Fhighest-value.me%2Fsteam_gift_cards&ul=en-us&de=UTF-8&dt=Steam%20Gift%20Card%20Online%20Generator%202021&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEDAAEABAAAAACAAI~&jid=2107661378&gjid=793815076&cid=1700532191.1670092290&tid=UA-85922709-2&_gid=172411183.1670092290&_r=1&_slc=1&cd1=0&z=1815790447 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://highest-value.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://highest-value.me
date: Sat, 03 Dec 2022 18:31:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
38ce8827261309627af31aac1b1300c0
0fcd0efabcc8da10bdb12c659ed96b7c0b184923
f5794ef8e8f78a780ad38ba6dcdedbdd7d5da6db7f3603cd3d4a24e99eab5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5794EF8E8F78A780AD38BA6DCDEDBDD7D5DA6DB7F3603CD3D4A24E99EAB5A69"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2569
Expires: Sat, 03 Dec 2022 19:14:21 GMT
Date: Sat, 03 Dec 2022 18:31:32 GMT
Connection: keep-alive

queue.simpleanalyticscdn.com/simple.gif?version=cloudflare_2&hostname=highest-value.me&path=%2Fsteam_gift_cards&viewport_width=1280&viewport_height=939&language=en-US&screen_width=1280&screen_height=1024&unique=true&id=dc37f999-2497-4f2f-add6-785028ab014c&https=true&timezone=UTC&type=pageview

185.165.243.49

202 Accepted

43 B

URL HTTP/1.1
queue.simpleanalyticscdn.com/simple.gif?version=cloudflare_2&hostname=highest-value.me&path=%2Fsteam_gift_cards&viewport_width=1280&viewport_height=939&language=en-US&screen_width=1280&screen_height=1024&unique=true&id=dc37f999-2497-4f2f-add6-785028ab014c&https=true&timezone=UTC&type=pageview
IP
185.165.243.49:0
ASN
#49981 WorldStream B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /simple.gif?version=cloudflare_2&hostname=highest-value.me&path=%2Fsteam_gift_cards&viewport_width=1280&viewport_height=939&language=en-US&screen_width=1280&screen_height=1024&unique=true&id=dc37f999-2497-4f2f-add6-785028ab014c&https=true&timezone=UTC&type=pageview HTTP/1.1
Host: queue.simpleanalyticscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 202 Accepted
Content-Type: image/gif
Access-Control-Allow-Origin: *
Simple-Analytics-Location: not_set
Simple-Analytics-Feedback: Thanks for sending this page view!
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Date: Sat, 03 Dec 2022 18:31:32 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 43

dwmsurhf1svv8.cloudfront.net/public/clockers/PrimeApps/css.css

143.204.42.148

200 OK

1.0 kB

URL HTTP/2
dwmsurhf1svv8.cloudfront.net/public/clockers/PrimeApps/css.css
IP
143.204.42.148:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
1.0 kB (1010 bytes)
Hash
683a185465436634825046815ac5a2d2
dd9a216245afb09ebc5098aa44374ee8ef51d3dd
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

HTTP Headers

GET /public/clockers/PrimeApps/css.css HTTP/1.1
Host: dwmsurhf1svv8.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 1010
date: Sat, 03 Dec 2022 18:31:32 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
last-modified: Fri, 10 Apr 2020 22:29:00 GMT
etag: "3f2-5a2f7428ae907"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Av5Trluvjlo3Z2GoDJLBUFzXKCrlrJ4VCLmhk_MUmGGQKZv5-ePwKA==
X-Firefox-Spdy: h2

d13pxqgp3ixdbh.cloudfront.net/uploads/160628377597c4018081a255ca6becbb117ffd1cda.png

54.230.245.196

200 OK

1.6 kB

URL HTTP/2
d13pxqgp3ixdbh.cloudfront.net/uploads/160628377597c4018081a255ca6becbb117ffd1cda.png
IP
54.230.245.196:0
ASN
#16509 AMAZON-02

File type
PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1594 bytes)
Hash
13a08748431eeb310a50830964ab4557
1ef342310cb2ede8feead9d5a212147e79bfa13f
f4c562e7820def4ee48f06f979cf815a04693a1e27a3f97c283d7e416e2c2cf4

HTTP Headers

GET /uploads/160628377597c4018081a255ca6becbb117ffd1cda.png HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 1594
last-modified: Wed, 25 Nov 2020 05:56:16 GMT
x-amz-version-id: N1S5kMJHSZGeKq26Gt4Ejdk0kJLjack8
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Dec 2022 18:31:33 GMT
etag: "13a08748431eeb310a50830964ab4557"
x-cache: RefreshHit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: etTeR-pDZC70HBbyELcYZPqcF5XIuRR99YNyj6sO2pCxs6ZHkDHCjw==
X-Firefox-Spdy: h2

d13pxqgp3ixdbh.cloudfront.net/uploads/160628377232827a8f881003bec60b71178867352a.png

54.230.245.196

200 OK

68 kB

URL HTTP/2
d13pxqgp3ixdbh.cloudfront.net/uploads/160628377232827a8f881003bec60b71178867352a.png
IP
54.230.245.196:0
ASN
#16509 AMAZON-02

File type
PNG image data, 160 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
68 kB (67797 bytes)
Hash
5856bd1982c81f82b782e93254c230e7
b7d1992256d8a11290be024cd461aa0fb2602c40
bbfe3a654b4a3ca3c396c83f1498582c79bcd4747de7404e22e5950c2baf8544

HTTP Headers

GET /uploads/160628377232827a8f881003bec60b71178867352a.png HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 67797
last-modified: Wed, 25 Nov 2020 05:56:13 GMT
x-amz-version-id: o4u7bm8tMcucny3LCNiUET95lQZ9fzOl
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Dec 2022 18:31:33 GMT
etag: "5856bd1982c81f82b782e93254c230e7"
x-cache: RefreshHit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uW-v64A4yLIeSewMjofKBis6l9lhR9_lEEgClnzNOSI_YNPMfG8ULw==
X-Firefox-Spdy: h2

d13pxqgp3ixdbh.cloudfront.net/uploads/1606283774bf04346190ea3bd304e829b6f2a8241a.png

54.230.245.196

200 OK

69 kB

URL HTTP/2
d13pxqgp3ixdbh.cloudfront.net/uploads/1606283774bf04346190ea3bd304e829b6f2a8241a.png
IP
54.230.245.196:0
ASN
#16509 AMAZON-02

File type
PNG image data, 160 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
69 kB (68904 bytes)
Hash
e9b91de832fdbff0fc275a324a4cd64e
28f9dfea8a198c6925b093c7005b1cd5142b25ef
9b74187ef955bc90b2c4f9d89f96fccfc946fb35fd16aa8057a141d06e8376a5

HTTP Headers

GET /uploads/1606283774bf04346190ea3bd304e829b6f2a8241a.png HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 68904
last-modified: Wed, 25 Nov 2020 05:56:15 GMT
x-amz-version-id: DQSva9YKGeNLX9uwhaw10c1NM8fnQ._4
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Dec 2022 18:31:33 GMT
etag: "e9b91de832fdbff0fc275a324a4cd64e"
x-cache: RefreshHit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V6qehrWc7mQr_RT0MTgoGkwWQDIOf3RHRAiGgTesy0W4zdecwqxWSQ==
X-Firefox-Spdy: h2

dwmsurhf1svv8.cloudfront.net/public/guid?cpguid=gj8leixe3&e=ll&t=1670092290798

143.204.42.148

200 OK

0 B

URL HTTP/2
dwmsurhf1svv8.cloudfront.net/public/guid?cpguid=gj8leixe3&e=ll&t=1670092290798
IP
143.204.42.148:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /public/guid?cpguid=gj8leixe3&e=ll&t=1670092290798 HTTP/1.1
Host: dwmsurhf1svv8.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 0
date: Sat, 03 Dec 2022 18:31:33 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3JPK0cqbB208cflTx9q74Op6hiz7ESmyzrDVkvMeK33WOkzWf3a4GQ==
X-Firefox-Spdy: h2

dwmsurhf1svv8.cloudfront.net/public/external/check.php?it=2309828&time=1670092292279

143.204.42.148

200 OK

78 B

URL HTTP/2
dwmsurhf1svv8.cloudfront.net/public/external/check.php?it=2309828&time=1670092292279
IP
143.204.42.148:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
78 B (78 bytes)
Hash
37ebc78db9bc22d4c972c5961163070c
865e3671f7e86b52d2f7b006b95ec7799a187572
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

HTTP Headers

GET /public/external/check.php?it=2309828&time=1670092292279 HTTP/1.1
Host: dwmsurhf1svv8.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 78
date: Sat, 03 Dec 2022 18:31:34 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gGOeTk56I5ydPj6IzBXku5i8rRTMQYZDHlKDf8RXxpixguzE6B8rDA==
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7657 bytes)
Hash
3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V_7_ohQr9ENIjOvdvy65ZpJqg2OI9gzRdiuxCTJzl4qwXe2Nmu_tAQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
age: 74531
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

highest-value.me/test.png

188.114.97.1

404 Not Found

0 B

URL HTTP/2
highest-value.me/test.png
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /test.png HTTP/1.1
Host: highest-value.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sat, 03 Dec 2022 18:31:31 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PYO8cEVICHOjPfkS2fzJiLX%2FVx%2FDwimc%2BhV%2FJOxQP9XmAYdsf4yLoNILrpo9byV496fSFHafwrTSKJ%2BGrKdYF61qxJ2ngWTpwgKeIWv7PhJpeI%2Bkjz2sBf%2FwRhzZYGBNFYP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e613519a90b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

highest-value.me/style.css

188.114.97.1

404 Not Found

0 B

URL HTTP/2
highest-value.me/style.css
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /style.css HTTP/1.1
Host: highest-value.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sat, 03 Dec 2022 18:31:31 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICYsMU%2F7RiTLHn3a07i3C3HnOodHQoYgG%2BWNI8PefixdLTFQOcP09pkumGpcrG7xIWq4TK%2FpQ79CvpwEq140tpPZj8IQsZsA73oB0MXyZ4elcwp1XLbqu1ICIgeWCzZ2gRw8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e6135199d0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dwmsurhf1svv8.cloudfront.net/public/external/v2/html.2309828.9e779.0.js

143.204.42.148

200 OK

0 B

URL HTTP/2
dwmsurhf1svv8.cloudfront.net/public/external/v2/html.2309828.9e779.0.js
IP
143.204.42.148:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/external/v2/html.2309828.9e779.0.js HTTP/1.1
Host: dwmsurhf1svv8.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Sat, 03 Dec 2022 18:31:32 GMT
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Pul1zyiMfjo-i1gMviwsI1mPS7aOsYm2JpX13vTVtz5DDO-ONOSB7A==
X-Firefox-Spdy: h2

highest-value.me/steam_gift_cards

188.114.97.1

200 OK

0 B

URL HTTP/2
highest-value.me/steam_gift_cards
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Steam
fortinet	Phishing

HTTP Headers

GET /steam_gift_cards HTTP/1.1
Host: highest-value.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:31:31 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.4.16
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQnn9UG9dKsJvZeRZzs3eTCuPrBdJ%2BCCRXWis6OQ9gkrzPWru9YX7p5%2BX1K1jooNhubzy97k8xMPs2pYIzL3Zf7u1EDOi6n9sg7mQqOHAESRyeMAAJioSfz3q1IafaOHp%2BRN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773e612d2a2d0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations