Report - www.treca.org/monster-lite/document/hercules_greek_mythology

Report Overview

Submitted URL
www.treca.org/monster-lite/document/hercules_greek_mythology_pdf
IP
172.104.28.18
ASN
#63949 Linode, LLC
Submitted
2022-11-29 21:13:35
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	49 kB	34.120.237.76
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
www.treca.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	1.9 kB	172.104.28.18
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.42.234.253
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	965 B	108.157.217.162
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	406 B	18.185.190.54
tallysaturatesnare.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	5.6 kB	173.233.137.60
cdn.cloudimagesb.com	23099	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	83 kB	45.133.44.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
dimlyconfidential.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	10 kB	173.233.137.44

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	tallysaturatesnare.com	Sinkholed
2022-11-29	medium	tallysaturatesnare.com	Sinkholed

JavaScript (7)

	URL	Size	First Seen	Last Seen
	www.treca.org/monster-lite/document/hercules_greek_mythology_pdf	401 B	2023-03-11	2023-03-11
Pretty URL www.treca.org/monster-lite/document/hercules_greek_mythology_pdf IP 172.104.28.18 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:37:32 Last Seen2023-03-11 22:37:32 Times Seen1 Hash a296ab64fd5ee750c1316629c100c0ca a191398e5d96d0d191d1b5d2d7ab06c40cffb160 0d1412eee3499eb75271d90991fc223e8cb13077c0ca1df363496ac709b0d10a Loading...

	www.treca.org/monster-lite/document/hercules_greek_mythology_pdf	348 B	2023-03-07	2023-03-13
Pretty URL www.treca.org/monster-lite/document/hercules_greek_mythology_pdf IP 172.104.28.18 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:18 Last Seen2023-03-13 01:45:45 Times Seen1 Hash 185584cc0ff2a6e103c0d6fd06e02df7 bd349ecbec0ccdade86ea70d6ecc5a6eb5bc1ac4 76055bef0d7e5c4f848707f1b7748561e777668db47b0c5de8c0bf3e231182bb Loading...

	dimlyconfidential.com/7e864a2690d7dccc68b6732aa3a1033f/invoke.js	27 kB	2023-03-08	2023-03-11
Pretty URL dimlyconfidential.com/7e864a2690d7dccc68b6732aa3a1033f/invoke.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:33 Last Seen2023-03-11 23:23:55 Times Seen1 Hash e7b88cb19b9fb861e3b02f510455dbed c859c981bb1aec509a7d25af5790f303db9a819a 31f6354b673f60f3d09b586be78dfcf6f7fb7906a99cfb7c8739d8942246996c Loading...

	http:blank	145 B	2023-03-07	2023-05-09
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:18 Last Seen2023-05-09 05:07:44 Times Seen4 Hash 57e5de8023a3c1f51d2668dc53965001 2f281858f4c3266da885b2f135e4a476c054cf80 9414264ba6d3f80fc7935c55e2561cd30fd7361dbe69c603ac96a63872d14731 Loading...

	http:blank	3.4 kB	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:37:33 Last Seen2023-03-11 22:37:33 Times Seen1 Hash b012e24f55d3400c78fd255825d1c715 3505ef9328ad78eca1d536cf5a6fd06930e7c0a9 2a94635fc1e1bb00bebb433e6d0b8bc802a47d0fa073b5c6b25bd963723f5b5f Loading...

		Size	First Seen	Last Seen
	#1 Eval - 85a28696a382c876dca308fa413f0d79	2.1 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 22:37:33 Last Seen2023-03-11 22:37:33 Times Seen1 Hash 85a28696a382c876dca308fa413f0d79 740a5e56f11eb9469a0616fc490c6d0b51141efb 0261a39ba63d46c2ca31fac8501ac6aab3087ef958f6dc2a6b437c7ea2d68ec5 Loading...

		Size	First Seen	Last Seen
	#1 Write - b17aa0029a71ada754e4df09650f658d	119 B	2023-03-07	2023-11-17
Pretty Observations First Seen2023-03-07 01:35:18 Last Seen2023-11-17 16:45:29 Times Seen3 Hash b17aa0029a71ada754e4df09650f658d 2747f9ba1c1a7df4ffcb3fbd82ef2c1f929003fe 69d888d7d6402a63b80fbf8580bd66bc32c991fb4c2c8cc0bb3ab38d07ac4a10 Loading...

HTTP Transactions (31)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11001
Expires: Wed, 30 Nov 2022 00:16:46 GMT
Date: Tue, 29 Nov 2022 21:13:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4275
Expires: Tue, 29 Nov 2022 22:24:40 GMT
Date: Tue, 29 Nov 2022 21:13:25 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5435
Cache-Control: max-age=139701
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 21:13:25 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 12:01:46 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 8TXYb4Z3qklBBjL8XNEcDfp/FkHlWGvmSqbfiM2PgRkp6XJhcveWvafIWCbRhpqJrVvdVxhaR7o=
x-amz-request-id: MQZKZDSA2215YPQ8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 20:44:57 GMT
age: 1708
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 20:17:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3330
alt-svc: clear
X-Firefox-Spdy: h2

www.treca.org/monster-lite/document/hercules_greek_mythology_pdf

172.104.28.18

301 Moved Permanently

194 B

URL HTTP/1.1
www.treca.org/monster-lite/document/hercules_greek_mythology_pdf
IP
172.104.28.18:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
194 B (194 bytes)
Hash
ec0f2d6d8da7997a10f72a2537729e59
d6b8ca36f266d92775f5b757e65b8c10c747c30a
95e1144ae5faba1d6ea1ac58b29b1e8d0399125e4dbc6a17d50d0bf5cf3bdcf8

HTTP Headers

GET /monster-lite/document/hercules_greek_mythology_pdf HTTP/1.1
Host: www.treca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 29 Nov 2022 21:13:25 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
Location: https://www.treca.org/monster-lite/document/hercules_greek_mythology_pdf

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 21:13:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 21:11:13 GMT
cache-control: public,max-age=3600
age: 132
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5fd5bc9038557c87286efb202e5fec0b
f3e920f471c31b04d4a69c0d8fbe8714efaecf5f
cf30b0ccde85c01dea95e3b49c1e3e54b80ff8aff60faf75bbaf52fd8cdbb066

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF30B0CCDE85C01DEA95E3B49C1E3E54B80FF8AFF60FAF75BBAF52FD8CDBB066"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 30 Nov 2022 03:13:25 GMT
Date: Tue, 29 Nov 2022 21:13:25 GMT
Connection: keep-alive

www.treca.org/monster-lite/document/hercules_greek_mythology_pdf

172.104.28.18

200 OK

945 B

URL HTTP/1.1
www.treca.org/monster-lite/document/hercules_greek_mythology_pdf
IP
172.104.28.18:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
945 B (945 bytes)
Hash
69fe82deb6f8e9fefe0ccbe4cf56ed17
53827b18c69cb3a8490db795d83c70d01794754d
7b47125eeda9e94ea2b15a860dccc23a3f6ec190a3787860c8c0d16e3bebefef

HTTP Headers

GET /monster-lite/document/hercules_greek_mythology_pdf HTTP/1.1
Host: www.treca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 29 Nov 2022 21:13:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3503
Cache-Control: max-age=132705
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 21:13:26 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:05:11 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.42.234.253

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.234.253:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1T5S8xop3/5bHuDGZLLctQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NUOcxVt1v49CK/eh3dOBc0uSvRk=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b1aab7e219bf84960f81756bb4820f5e
9f3fd2421cb36b065066e595cd90d1095f57f0f2
73e17ea7187ae1ed203f2af5e2a728f7ec049414ae09189b76d13e3005375042

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73E17EA7187AE1ED203F2AF5E2A728F7EC049414AE09189B76D13E3005375042"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21543
Expires: Wed, 30 Nov 2022 03:12:29 GMT
Date: Tue, 29 Nov 2022 21:13:26 GMT
Connection: keep-alive

dimlyconfidential.com/7e864a2690d7dccc68b6732aa3a1033f/invoke.js

173.233.137.44

200 OK

9.8 kB

URL HTTP/1.1
dimlyconfidential.com/7e864a2690d7dccc68b6732aa3a1033f/invoke.js
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
exported SGML document, ASCII text, with very long lines (26953), with no line terminators
Size
9.8 kB (9782 bytes)
Hash
38eb5b959bcc6fc18e56194ed80d7a2c
566212f2531beb724997b4b5bd23d28ab10c1274
afde3ed14fc8d6cc79082d48b74196411d35cbe4300a46679cc6633e59b1ec3d

HTTP Headers

GET /7e864a2690d7dccc68b6732aa3a1033f/invoke.js HTTP/1.1
Host: dimlyconfidential.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.treca.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 21:13:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1892cb05d2e426d3e8a1f6aa162b6ee5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.sca1b.amazontrust.com/

108.157.217.162

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
108.157.217.162:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6d4aa81497d78e8890f1833dfd810f3b
1a661b0ea7a2272d32a364d110f8b2525a13a72a
c3127cd2765f7a80a75f4000fbbd0680b93a944448f0260b6c4a1dd6b041bbfa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 21:13:27 GMT
Etag: "638651c4-37"
Last-Modified: Tue, 29 Nov 2022 18:39:00 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 8ea75fde43c768e7e1d041f8b7a07bd6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: slmPCalFEkIHrX-K4e1PtpGHEckf2J6AADMWu5hYh2EhNQhQdl6pFQ==
Age: 1883

www.treca.org/favicon.ico

172.104.28.18

404 Not Found

141 B

URL HTTP/1.1
www.treca.org/favicon.ico
IP
172.104.28.18:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
141 B (141 bytes)
Hash
1e028d1bedabe7da4b30c957ea6cae6f
a4bb4db4539f4a027fa1bde783c8d7becca07a04
5eb298958a1c4bb4495ba1bbbf743ee28070c866bf26bf7541ef94e9f0fc67e7

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.treca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.treca.org/monster-lite/document/hercules_greek_mythology_pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 29 Nov 2022 21:13:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

simplewebanalysis.com/stats

18.185.190.54

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
1579863f423a4cdf68960575695f1f32
0e99df887b322e40c0a7b5f8e862c960971785f3
5395ddb2187206a10010f3b7db51fb1aa3bead5bd51c16b23d5eead9ed5013b5

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.treca.org
Connection: keep-alive
Referer: https://www.treca.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 21:13:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.treca.org
access-control-allow-credentials: true
set-cookie: uid_id2=5c04ff89-c0cd-4670-a53a-a952aae02db2:2:1; expires=Fri, 26 Nov 2032 21:13:27 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8685
Expires: Tue, 29 Nov 2022 23:38:12 GMT
Date: Tue, 29 Nov 2022 21:13:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8685
Expires: Tue, 29 Nov 2022 23:38:12 GMT
Date: Tue, 29 Nov 2022 21:13:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8685
Expires: Tue, 29 Nov 2022 23:38:12 GMT
Date: Tue, 29 Nov 2022 21:13:27 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4871 bytes)
Hash
a4058fd62595d15c58b3d3266de9865a
d0dff35eb78f129b5da407043037bcf9c27e55c0
ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4871
x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLDUUEy_oAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9BUuT9WFwAQMnl8JiTDKo-zHgDL0AdjAAAIh0Mx405zbGwhvRouebQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 12:20:15 GMT
age: 31992
etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4916 bytes)
Hash
83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:01:17 GMT
age: 65530
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9430 bytes)
Hash
1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:55:32 GMT
age: 65875
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9203 bytes)
Hash
5d574c4db20a68295dbd06cb08f5990b
433061bbb226048765a711deca3026ee3e52372f
8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UmhWm03jrsV8dFagrzIA0E-8eL8dykoO5kw3cYOBd172dCGqNdAX-Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:05:38 GMT
age: 61669
etag: "433061bbb226048765a711deca3026ee3e52372f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:50:08 GMT
age: 84199
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10176 bytes)
Hash
03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:52:21 GMT
age: 58866
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e522c74f3ef0d1b719e47988f1db4c72
d1cae72d7ec41694df696ff175041d043cb9dbf6
2ac181bff12c5547ab34600033ef12150ce0031b5e3885ec0f6e94640b1010ec

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2AC181BFF12C5547AB34600033EF12150CE0031B5E3885EC0F6E94640B1010EC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1788
Expires: Tue, 29 Nov 2022 21:43:15 GMT
Date: Tue, 29 Nov 2022 21:13:27 GMT
Connection: keep-alive

173.233.137.60

307 Temporary Redirect

0 B

URL HTTP/1.1
tallysaturatesnare.com/watch.900006845511.js?key=7e864a2690d7dccc68b6732aa3a1033f&kw=%5B%22page%22%2C%22not%22%2C%22found%22%5D&refer=https%3A%2F%2Fwww.treca.org%2Fmonster-lite%2Fdocument%2Fhercules_greek_mythology_pdf&tz=0&dev=e&res=12.1055&uuid=5c04ff89-c0cd-4670-a53a-a952aae02db2%3A2%3A1
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.900006845511.js?key=7e864a2690d7dccc68b6732aa3a1033f&kw=%5B%22page%22%2C%22not%22%2C%22found%22%5D&refer=https%3A%2F%2Fwww.treca.org%2Fmonster-lite%2Fdocument%2Fhercules_greek_mythology_pdf&tz=0&dev=e&res=12.1055&uuid=5c04ff89-c0cd-4670-a53a-a952aae02db2%3A2%3A1 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.treca.org
Connection: keep-alive
Referer: https://www.treca.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 21:13:27 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.treca.org
Access-Control-Allow-Origin: https://www.treca.org
Access-Control-Allow-Credentials: true
Location: https://tallysaturatesnare.com/watch.900006845511.js?key=7e864a2690d7dccc68b6732aa3a1033f&kw=%5B%22page%22%2C%22not%22%2C%22found%22%5D&refer=https%3A%2F%2Fwww.treca.org%2Fmonster-lite%2Fdocument%2Fhercules_greek_mythology_pdf&tz=0&dev=e&res=12.1055&uuid=5c04ff89-c0cd-4670-a53a-a952aae02db2%3A2%3A1&shu=64b26b1f78fe6c17519f4854b2c2c59638597af93c379a0fb6003baf265ca6b74aee845a627b9a75bd4febba5c5502c52ef511da4d8d6d13c72320387cd443e32e873c2c005a96e9e8e8e52b94176f123dd094c61999295bb6f64b45febbf46359&pst=1669756467&rmtc=t
Set-Cookie: u_pl=16146086; expires=Wed, 30 Nov 2022 21:13:27 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjE0NjA4NiwiayI6IjdlODY0YTI2OTBkN2RjY2M2OGI2NzMyYWEzYTEwMzNmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTE2NTY5LCJwaWQiOjE3MzQyOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoieDBpOXN5cjgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudHJlY2Eub3JnL21vbnN0ZXItbGl0ZS9kb2N1bWVudC9oZXJjdWxlc19ncmVla19teXRob2xvZ3lfcGRmIn19.ATazRUQAlInKwZGWX7ari704UMrMXVnWowG94355ACA; expires=Tue, 29 Nov 2022 21:14:27 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e4b0019fa4d5bfce6d2b05d60ab9ec06
Strict-Transport-Security: max-age=0; includeSubdomains

tallysaturatesnare.com/watch.900006845511.js?key=7e864a2690d7dccc68b6732aa3a1033f&kw=%5B%22page%22%2C%22not%22%2C%22found%22%5D&refer=https%3A%2F%2Fwww.treca.org%2Fmonster-lite%2Fdocument%2Fhercules_greek_mythology_pdf&tz=0&dev=e&res=12.1055&uuid=5c04ff89-c0cd-4670-a53a-a952aae02db2%3A2%3A1&shu=64b26b1f78fe6c17519f4854b2c2c59638597af93c379a0fb6003baf265ca6b74aee845a627b9a75bd4febba5c5502c52ef511da4d8d6d13c72320387cd443e32e873c2c005a96e9e8e8e52b94176f123dd094c61999295bb6f64b45febbf46359&pst=1669756467&rmtc=t

173.233.137.60

200 OK

2.1 kB

URL HTTP/1.1
tallysaturatesnare.com/watch.900006845511.js?key=7e864a2690d7dccc68b6732aa3a1033f&kw=%5B%22page%22%2C%22not%22%2C%22found%22%5D&refer=https%3A%2F%2Fwww.treca.org%2Fmonster-lite%2Fdocument%2Fhercules_greek_mythology_pdf&tz=0&dev=e&res=12.1055&uuid=5c04ff89-c0cd-4670-a53a-a952aae02db2%3A2%3A1&shu=64b26b1f78fe6c17519f4854b2c2c59638597af93c379a0fb6003baf265ca6b74aee845a627b9a75bd4febba5c5502c52ef511da4d8d6d13c72320387cd443e32e873c2c005a96e9e8e8e52b94176f123dd094c61999295bb6f64b45febbf46359&pst=1669756467&rmtc=t
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (2560)
Size
2.1 kB (2074 bytes)
Hash
78b01cac1f1409f954da9cf1c9cf7b04
955760cf90d2dc19532da35e68780768710fad77
048bee8cfaeb81a5737c1918ff8a07a31bab64d81c08d3e62d23fcf7456635ea

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.900006845511.js?key=7e864a2690d7dccc68b6732aa3a1033f&kw=%5B%22page%22%2C%22not%22%2C%22found%22%5D&refer=https%3A%2F%2Fwww.treca.org%2Fmonster-lite%2Fdocument%2Fhercules_greek_mythology_pdf&tz=0&dev=e&res=12.1055&uuid=5c04ff89-c0cd-4670-a53a-a952aae02db2%3A2%3A1&shu=64b26b1f78fe6c17519f4854b2c2c59638597af93c379a0fb6003baf265ca6b74aee845a627b9a75bd4febba5c5502c52ef511da4d8d6d13c72320387cd443e32e873c2c005a96e9e8e8e52b94176f123dd094c61999295bb6f64b45febbf46359&pst=1669756467&rmtc=t HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.treca.org
Referer: https://www.treca.org/
Connection: keep-alive
Cookie: u_pl=16146086; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjE0NjA4NiwiayI6IjdlODY0YTI2OTBkN2RjY2M2OGI2NzMyYWEzYTEwMzNmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTE2NTY5LCJwaWQiOjE3MzQyOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoieDBpOXN5cjgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudHJlY2Eub3JnL21vbnN0ZXItbGl0ZS9kb2N1bWVudC9oZXJjdWxlc19ncmVla19teXRob2xvZ3lfcGRmIn19.ATazRUQAlInKwZGWX7ari704UMrMXVnWowG94355ACA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 21:13:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.treca.org
Access-Control-Allow-Origin: https://www.treca.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=5c04ff89-c0cd-4670-a53a-a952aae02db2:2:1; expires=Tue, 06 Dec 2022 21:13:27 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 30 Nov 2022 21:13:27 GMT; secure; SameSite=None
uncs=1; expires=Wed, 30 Nov 2022 21:13:27 GMT; secure; SameSite=None
pdhtkv23=true; expires=Wed, 30 Nov 2022 21:13:27 GMT; secure; SameSite=None
uncs23=1; expires=Wed, 30 Nov 2022 21:13:27 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a95c61b7a3909178813a5b90993587b6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6345f845bbd2c2950fe27f4a0faf2353
27e0ccd4d3d81cb9382dcdbd3e8f61b19a674d76
68579d0b5925d3df0cdbc6acf7fe94428b15cea08e93a549308a104762511dd5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68579D0B5925D3DF0CDBC6ACF7FE94428B15CEA08E93A549308A104762511DD5"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11198
Expires: Wed, 30 Nov 2022 00:20:06 GMT
Date: Tue, 29 Nov 2022 21:13:28 GMT
Connection: keep-alive

cdn.cloudimagesb.com/bi/c5/41/53/c5415319f7e336cba19c268422fb5c0c/1664274031.gif

45.133.44.10

200 OK

83 kB

URL HTTP/2
cdn.cloudimagesb.com/bi/c5/41/53/c5415319f7e336cba19c268422fb5c0c/1664274031.gif
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
GIF image data, version 89a, 728 x 90\012- data
Size
83 kB (82747 bytes)
Hash
021d74a0c66fa554752378e04ad525ad
6d5ce086a99a82cacbe56017f4300cc4fc70f42e
6148e52ac1909c91902f04b62ccb5d200f5cb2868389110f03d5da0f89efa83c

HTTP Headers

GET /bi/c5/41/53/c5415319f7e336cba19c268422fb5c0c/1664274031.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 21:13:28 GMT
content-type: image/gif
content-length: 82747
server: nginx/1.17.6
last-modified: Tue, 27 Sep 2022 10:20:39 GMT
etag: "6332ce77-1433b"
expires: Thu, 01 Dec 2022 21:13:28 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (31)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1