| r3.o.lencr.org/ | 184.51.252.176 | 200 OK | 503 B |
IP184.51.252.176:0 ASN#20940 Akamai International B.V.
Hashb44b6d7bebf34d0393567b22a63a93fa a1a85b268bc8073d8e4622ceb78b78a1b39af96a 4b69973af6e9c5a78d94e8661b08d9349176a515e7bfb3386b10ace4c6f1ae21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B69973AF6E9C5A78D94E8661B08D9349176A515E7BFB3386B10ACE4C6F1AE21"
Last-Modified: Tue, 28 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14907
Expires: Thu, 02 Mar 2023 09:08:08 GMT
Date: Thu, 02 Mar 2023 04:59:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 184.51.252.176 | 200 OK | 503 B |
IP184.51.252.176:0 ASN#20940 Akamai International B.V.
Hash5997f91ebc2eb50daf9983503bf68d86 9e173d1ec3154a6e77b673bc1ce382a531f01965 e2293a78d786cee4e424a86f17ffc821883a5da3628136dd3064c4c82ce68d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2293A78D786CEE4E424A86F17FFC821883A5DA3628136DD3064C4C82CE68D5A"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16921
Expires: Thu, 02 Mar 2023 09:41:42 GMT
Date: Thu, 02 Mar 2023 04:59:41 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash7f03faaba3392caae6dae54467bfdf6d 57ea1f14e8bfbcca8190c706d708c9fda12442c1 02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Mar 2023 04:08:10 GMT
content-type: application/json
age: 3091
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 184.51.252.176 | 200 OK | 503 B |
IP184.51.252.176:0 ASN#20940 Akamai International B.V.
Hash1fc53096a9ed90534f34db55765fe755 00462323483a73d48261b8e8a0981bec58ef832a bcfb9a09fd0882661e1eddc5bde947142897dfe816d535ed2cbfb1aa34823bd7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BCFB9A09FD0882661E1EDDC5BDE947142897DFE816D535ED2CBFB1AA34823BD7"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3820
Expires: Thu, 02 Mar 2023 06:03:21 GMT
Date: Thu, 02 Mar 2023 04:59:41 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashb5ba6334e73496995e3e3a9ecd0eb323 ad80d3b7718c28364e8c2004fb38a13a1747e462 aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PUJQdz5/pivZxjySqwUgHkkFeGnZtoZQc/ctODgE95/UL+GxR2z43r0cgevUaeCvaD0q9tzDW74=
x-amz-request-id: 2BA3526WFQ9Z8PKR
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Mar 2023 04:32:55 GMT
age: 1606
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Mar 2023 04:59:41 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js | 104.17.25.14 | 200 OK | 6.2 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP104.17.25.14:0
File typeASCII text, with very long lines (19015) Hash7b4114faa411d059a9a5ac4b5b4d9dee 277da4486916fa3a4ab3375f47bc98f58dbf90f6 60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9
GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rtbfoundation.org
Connection: keep-alive
Referer: https://rtbfoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Mar 2023 04:59:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 9545725
expires: Tue, 20 Feb 2024 04:59:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hj21FVKA3UyfQTBL8SXroO%2B0AE2wUH7ydLBqcGC4%2B%2FHH1csIJUrcz%2F59ExFdSfuwz1QcvtpeF0hKiyU5nqbmf%2FE38Tre1R1gtjQI7tRZ9BAc0dFQtBiVYqrbVQEcqFeb6QaqjgRN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7a1712648816b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.2.1.slim.min.js | 69.16.175.10 | 200 OK | 24 kB |
URL HTTP/2code.jquery.com/jquery-3.2.1.slim.min.js IP69.16.175.10:0
File typeASCII text, with very long lines (32012) Hash30f5157a965bc792a83e9bacfe265f03 8330886371fe27f3cbac509e0ac9712207574c66 4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0
GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rtbfoundation.org
Connection: keep-alive
Referer: https://rtbfoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Mar 2023 04:59:42 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1677733182.dop012.sk1.t,1677733182.cds204.sk1.hn,1677733182.cds235.sk1.c
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css | 104.18.10.207 | 200 OK | 22 kB |
URL HTTP/2maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css IP104.18.10.207:0
File typeASCII text, with very long lines (65325) Hash5050bf2fff5f6009cfda3ced663b6a16 6f06c57341fb81bc094a11700bc4f1f371a87e85 eb8c19f9f8838714739a6d923813652e3a70c1c6fb9e7deb638d8e174a831c32
GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rtbfoundation.org
Connection: keep-alive
Referer: https://rtbfoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Mar 2023 04:59:42 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/18/2022 06:18:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 3badbd2fd0cb5b22dbd5c6c4f0af2c54
cdn-cache: HIT
cf-cache-status: HIT
age: 21326
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a17126449aeb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js | 142.250.74.74 | 200 OK | 30 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP142.250.74.74:0
File typeASCII text, with very long lines (32065) Hash6d973c8b7e2439d958e09c0a1ab9fe50 05ae0830200c20b9a2dfd5a825adc400481a60fb f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbfoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 26 Feb 2023 11:05:58 GMT
expires: Mon, 26 Feb 2024 11:05:58 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 323624
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rtbfoundation.org/officelog/xyzq/ | 162.241.87.163 | 200 OK | 286 kB |
URL HTTP/1.1rtbfoundation.org/officelog/xyzq/ IP162.241.87.163:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeHTML document text\012- HTML document, ASCII text, with very long lines (65526), with CRLF line terminators Size286 kB (286116 bytes) Hashfa084520a3e1a9d453a1439e948825d7 266ec3d3bd4cbb2eace730e5fc46a1fa65ec1817 273869e2f35a70d6e50bf0f2f88dc80ca06698924b4da3a4a457d98cb8625dc0
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft | openphish | Office365 | | fortinet | Phishing | |
GET /officelog/xyzq/ HTTP/1.1
Host: rtbfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 02 Mar 2023 04:59:40 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hasha79d96dbf19e3f8bde91b4549f860038 6e4afbd1ede1bf15fc28cfc3f643dbaaf86a6792 b1360bd703ddeddda005cdf9a887890b89a733b6df31ecbb9b06f7dc4b15bb68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Mar 2023 04:59:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hasha79d96dbf19e3f8bde91b4549f860038 6e4afbd1ede1bf15fc28cfc3f643dbaaf86a6792 b1360bd703ddeddda005cdf9a887890b89a733b6df31ecbb9b06f7dc4b15bb68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Mar 2023 04:59:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js | 104.18.10.207 | 200 OK | 14 kB |
URL HTTP/2maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP104.18.10.207:0
File typeASCII text, with very long lines (48664) Hash0d2d7262a098f401208e3ddc2b7e9763 59478f4e3bd12a94d163b6af89c1abeef03e40c0 a95daa48ae2c19f19c800187f7f166cd2ee9d3cb31a4246db4ae78a812ff1879
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rtbfoundation.org
Connection: keep-alive
Referer: https://rtbfoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Mar 2023 04:59:42 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/25/2022 23:23:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 2372c9d04a6709b8cc5d597ace720da5
cdn-cache: HIT
cf-cache-status: HIT
age: 21325
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a17126449b5b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 184.51.252.176 | 200 OK | 503 B |
IP184.51.252.176:0 ASN#20940 Akamai International B.V.
Hasha518b418b3b845c6c4f61b595d07d29e fa6b54344b3e4dfb5c6f16090825264152907bd6 b797e9b583b27d9c7288b67ecd1c8fc0da8a0ff8ac6d335f3d6e0bed653f2aed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B797E9B583B27D9C7288B67ECD1C8FC0DA8A0FF8AC6D335F3D6E0BED653F2AED"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13155
Expires: Thu, 02 Mar 2023 08:38:57 GMT
Date: Thu, 02 Mar 2023 04:59:42 GMT
Connection: keep-alive
|
|
| rtbfoundation.org/officelog/xyzq/1.png | 162.241.87.163 | 200 OK | 467 kB |
URL HTTP/1.1rtbfoundation.org/officelog/xyzq/1.png IP162.241.87.163:0 ASN#46606 UNIFIEDLAYER-AS-1
Size467 kB (467360 bytes) Hashae068970217ab4cd75ed16109306a2e1 6d01daac0dbc9957e1389e074cf42bdfa8763c49 352cc91e4c8f6c14e9a5818625295ddf6a00a28833fc87c3e4826107c316a399
GET /officelog/xyzq/1.png HTTP/1.1
Host: rtbfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbfoundation.org/officelog/xyzq/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Mar 2023 04:59:40 GMT
Server: Apache
Last-Modified: Mon, 26 Oct 2020 16:12:18 GMT
Accept-Ranges: bytes
Content-Length: 452896
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
|
|
| rtbfoundation.org/favicon.ico | 162.241.87.163 | 404 Not Found | 315 B |
URL HTTP/1.1rtbfoundation.org/favicon.ico IP162.241.87.163:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hasha34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /favicon.ico HTTP/1.1
Host: rtbfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbfoundation.org/officelog/xyzq/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 02 Mar 2023 04:59:41 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| push.services.mozilla.com/ | 35.85.116.246 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.85.116.246:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KGzKL3grKpEoyq3yzEwLcg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NRnWPO5ckSLlrP+lnm7LC+pxYnk=
|
|
| r3.o.lencr.org/ | 184.51.252.176 | 200 OK | 503 B |
IP184.51.252.176:0 ASN#20940 Akamai International B.V.
Hash2f2b86251851c15a6378051a85964269 376c0277369d9cf0f23b197ed42b20be02bb1a8c e1b4055a26895e7eb7791d8ae2bbd0066dd897ca0f9c27d896480fb0e8ce7bca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1B4055A26895E7EB7791D8AE2BBD0066DD897CA0F9C27D896480FB0E8CE7BCA"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10618
Expires: Thu, 02 Mar 2023 07:56:42 GMT
Date: Thu, 02 Mar 2023 04:59:44 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 184.51.252.176 | 200 OK | 503 B |
IP184.51.252.176:0 ASN#20940 Akamai International B.V.
Hash2f2b86251851c15a6378051a85964269 376c0277369d9cf0f23b197ed42b20be02bb1a8c e1b4055a26895e7eb7791d8ae2bbd0066dd897ca0f9c27d896480fb0e8ce7bca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1B4055A26895E7EB7791D8AE2BBD0066DD897CA0F9C27D896480FB0E8CE7BCA"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10618
Expires: Thu, 02 Mar 2023 07:56:42 GMT
Date: Thu, 02 Mar 2023 04:59:44 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 184.51.252.176 | 200 OK | 503 B |
IP184.51.252.176:0 ASN#20940 Akamai International B.V.
Hash2f2b86251851c15a6378051a85964269 376c0277369d9cf0f23b197ed42b20be02bb1a8c e1b4055a26895e7eb7791d8ae2bbd0066dd897ca0f9c27d896480fb0e8ce7bca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1B4055A26895E7EB7791D8AE2BBD0066DD897CA0F9C27D896480FB0E8CE7BCA"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10618
Expires: Thu, 02 Mar 2023 07:56:42 GMT
Date: Thu, 02 Mar 2023 04:59:44 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff589505-3d96-4fd8-a14e-283c4d3d38ec.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff589505-3d96-4fd8-a14e-283c4d3d38ec.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash0cbd87df108aef505fc5f61a88a17430 312362a16823a61c60add16e2ac419df6816bc12 9127f39b930d8f47eb5e8414373ad187d1048f50355def57d5bb21247e4240f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff589505-3d96-4fd8-a14e-283c4d3d38ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7518
x-amzn-requestid: ed2fb9a7-f2e4-4c03-aa0d-737b1a0824d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BHwJ5HNCoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ffc70b-629166e1757bef61211b0354;Sampled=0
x-amzn-remapped-date: Wed, 01 Mar 2023 21:43:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: LYlZx_M7NLLnm-BEgfkb0QgeXTU2r2Fb1pL4cYw3Zb-ZbckRBnXpEw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 58b8655e3ea662bad02cac6b9d4c88ba.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Mar 2023 21:59:10 GMT
etag: "312362a16823a61c60add16e2ac419df6816bc12"
content-type: image/jpeg
age: 25234
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 184.51.252.176 | 200 OK | 503 B |
IP184.51.252.176:0 ASN#20940 Akamai International B.V.
Hash2f2b86251851c15a6378051a85964269 376c0277369d9cf0f23b197ed42b20be02bb1a8c e1b4055a26895e7eb7791d8ae2bbd0066dd897ca0f9c27d896480fb0e8ce7bca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1B4055A26895E7EB7791D8AE2BBD0066DD897CA0F9C27D896480FB0E8CE7BCA"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10618
Expires: Thu, 02 Mar 2023 07:56:42 GMT
Date: Thu, 02 Mar 2023 04:59:44 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 184.51.252.176 | 200 OK | 503 B |
IP184.51.252.176:0 ASN#20940 Akamai International B.V.
Hash2f2b86251851c15a6378051a85964269 376c0277369d9cf0f23b197ed42b20be02bb1a8c e1b4055a26895e7eb7791d8ae2bbd0066dd897ca0f9c27d896480fb0e8ce7bca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1B4055A26895E7EB7791D8AE2BBD0066DD897CA0F9C27D896480FB0E8CE7BCA"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10618
Expires: Thu, 02 Mar 2023 07:56:42 GMT
Date: Thu, 02 Mar 2023 04:59:44 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F749c9bae-5b66-459e-8826-3e69595a8135.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F749c9bae-5b66-459e-8826-3e69595a8135.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfb6cf25f51d819358cb2cd6a11c033de eb41ce1c7d4e370d65806c3e33141037c6c5309b 06af18ff07ea35e35e9c527f6ea66aac5ec5b2363825814eaf7859c77ebf8e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F749c9bae-5b66-459e-8826-3e69595a8135.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11181
x-amzn-requestid: dd1db412-2ebc-4cc6-88ca-279b2c3f3290
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BHusDE8gIAMF4gA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ffc4b3-4554a7d7379751795bf82cf7;Sampled=0
x-amzn-remapped-date: Wed, 01 Mar 2023 21:33:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: RPMwfY1mxJgOe3Casd1kabgSVKhxH6SR9hZeGQGs_Ub54qftlY5YXg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ac463f3377446e4c603deca30feb744a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Mar 2023 22:30:03 GMT
etag: "eb41ce1c7d4e370d65806c3e33141037c6c5309b"
content-type: image/jpeg
age: 23381
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b42a7e-1e38-459c-a114-2a621310e947.jpeg | 34.120.237.76 | 200 OK | 7.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b42a7e-1e38-459c-a114-2a621310e947.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash24efc3a4d96f3e5d4722d68e191eb33d 5c7e0d48c3078191e71017cc295fa67eec8f85c4 37fe3cc7a2a102b3c97a54c68147aa7a1f3d99e9d8b38e13ae9ad2ad0df42563
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b42a7e-1e38-459c-a114-2a621310e947.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7856
x-amzn-requestid: 8cc60fbe-68b1-4adc-995c-b2f568b1fa2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BHwJHFGwoAMFygw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ffc706-2d0f536e7ad982ce3aef4885;Sampled=0
x-amzn-remapped-date: Wed, 01 Mar 2023 21:43:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: UC_GBuC5jycN1QJiyLUSwuTDKUm17IyQCdA4AhO4QwONY3P6QLBT1A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Mar 2023 21:59:21 GMT
etag: "5c7e0d48c3078191e71017cc295fa67eec8f85c4"
content-type: image/jpeg
age: 25223
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg | 34.120.237.76 | 200 OK | 9.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2a5f3d376fe6a3a78a5d1fe136f962fb 3e9b03cc296e954d63526a4e7e75beea3130fc3b c8cf4f1c0352102764247e4dc5a2076921e0eaa18bfd110e5b0b97a55c706690
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: f160a6a5-c245-40ab-9e03-ca03ba05863a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BBNUOGorIAMFTlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fd28e7-74bb8ca33cc8d5ee7e48ad3a;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 22:04:23 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: OAXdgPPPK_4LyHpQ-v3GLo2UhBtMS9SwSM95pdWa4jhnlB9JzqBSvw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Mar 2023 22:17:44 GMT
age: 24120
etag: "3e9b03cc296e954d63526a4e7e75beea3130fc3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc34d6996-c4fc-4cbc-ba70-7f3c3465a52b.jpeg | 34.120.237.76 | 200 OK | 6.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc34d6996-c4fc-4cbc-ba70-7f3c3465a52b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe580eb43ac1a7577cd12d208eb4a21f0 1c404898df4167c5c63791ec92c4e2003043c012 f0d7b53f46cf319b93388506e35a6c03b9749d68ecc7ae953bd3bcf112ae60f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc34d6996-c4fc-4cbc-ba70-7f3c3465a52b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6628
x-amzn-requestid: aaa8d8c4-d64b-4747-bc62-c6f674a85aac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BHu01FlEIAMFkyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ffc4eb-62ebebce5d09561f38d140dd;Sampled=0
x-amzn-remapped-date: Wed, 01 Mar 2023 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: KFdLAHWaenDuF54qov3YUjTXZG9KDtPHOGhyuG_Oqjcf9ARUZDQWhg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Mar 2023 21:59:22 GMT
age: 25222
etag: "1c404898df4167c5c63791ec92c4e2003043c012"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facafed04-c38d-4d13-b6e6-abc4ff717cd5.jpeg | 34.120.237.76 | 200 OK | 8.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facafed04-c38d-4d13-b6e6-abc4ff717cd5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc0ecbd2df2daf356cc62204b0707eba6 fc5cd9b4875c47340b22fa2f3a3600afb20c50ee 7b75cae9a3ac7698ae481129eddc08abd3bf0d3932febec5406251e644dcc29f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facafed04-c38d-4d13-b6e6-abc4ff717cd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8174
x-amzn-requestid: 22cd82e5-1875-45b8-bfe7-db333c73be48
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BHu7yGKrIAMF_dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ffc517-106b86da514997e107032c94;Sampled=0
x-amzn-remapped-date: Wed, 01 Mar 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: k_3izB-Z6OdlJwVCjsdDa_JGcJ3e_IcLkR8LTwpZph4ZHVa90pCTlw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 5292c0d5844327feadb38f1efe42ebc6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Mar 2023 21:53:53 GMT
age: 25551
etag: "fc5cd9b4875c47340b22fa2f3a3600afb20c50ee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:600 | 142.250.74.74 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Open+Sans:600 IP142.250.74.74:0
GET /css?family=Open+Sans:600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbfoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Mar 2023 04:59:42 GMT
date: Thu, 02 Mar 2023 04:59:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|