Report - bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/aatoo.html?email=david.fogel@slurpmail.net

Report Overview

Submitted URL
bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/aatoo.html?email=david.fogel@slurpmail.net
IP
104.18.22.52
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-28 08:19:20
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	711 B	142.250.74.3
aadcdn.msauth.net	1421	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	496 B	1.7 kB	13.107.213.53
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.162.217.251
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.4 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	526 B	29 kB	104.17.24.14
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
cdn-jm-tools.web.app	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	23 kB	199.36.158.100
bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	2.2 kB	104.18.23.52

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-28	medium	bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/aatoo.html?email=david.fogel@slurpmail.net	Phishing
2022-09-28	medium	bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/aatoo.html?email=david.fogel@slurpmail.net	58 kB	2023-03-07	2023-03-08
Pretty URL bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/aatoo.html?email=david.fogel@slurpmail.net IP 104.18.23.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:56 Last Seen2023-03-08 03:01:23 Times Seen1 Hash 478d53f6177f896ebfc8665483c28420 f2d0dd37b3216ae58fe6de32bc35f48d0bf58409 67f2229de043297fb7a70166096db9abf482ee22f493735732a7ae82d4d95e22 Loading...

	bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/aatoo.html?email=david.fogel@slurpmail.net	222 B	2023-03-07	2023-03-08
Pretty URL bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/aatoo.html?email=david.fogel@slurpmail.net IP 104.18.23.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:56 Last Seen2023-03-08 03:01:23 Times Seen1 Hash a3016ec18c84548ce95455815056eb2a 3c22a595b7368ea9c8dc63779f25bf3a240d99ff 74e8c66bcde08dd5e16328ea31f4a3c49f85bf1de6d570288a36b38b59965041 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:07 Last Seen2024-04-26 06:55:16 Times Seen56415 Hash 12108007906290015100837a6a61e9f4 1d6ae46f2ffa213dede37a521b011ec1cd8d1ad3 c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4 Loading...

	bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/aatoo.html?email=david.fogel@slurpmail.net	3.2 kB	2023-03-07	2024-04-25
Pretty URL bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/aatoo.html?email=david.fogel@slurpmail.net IP 104.18.23.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:12:26 Last Seen2024-04-25 06:14:09 Times Seen9999 Hash 9931e8964f3f61f180ec3b7d0e14f871 57b2932eaad0420688415fe708dc19262048494c 7c0dfba519cd6eab8ce2f3bbe82ff23a1c25249dc791924cabcdbfbe8d13a75a Loading...

		Size	First Seen	Last Seen
	#1 Write - 63fd6d71fd07b4ec8c0a5a1397ced468	19 kB	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 16:02:56 Last Seen2023-03-08 03:01:23 Times Seen1 Hash 63fd6d71fd07b4ec8c0a5a1397ced468 f3fd4542fe1ba6c751faafed93e25f72074f36ee 1ffb8cec999b07e01c2d2151ffc1f8b79887aba2709b6002319a3211bead4c7d Loading...

HTTP Transactions (29)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 07:42:53 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1HtbIHkaIH4DS9TzjEMhZhzQa2siQLTn_urxKn3inv_qXNkJXSmUqg==
Age: 2176

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5CLJqamU7IfVxvvqrtc0tsgZ0IR0WsrUk9J52Uy-3scc-EkQGpV96Q==
age: 82496
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4146
Expires: Wed, 28 Sep 2022 09:28:15 GMT
Date: Wed, 28 Sep 2022 08:19:09 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
05cb6edf843e805a787e7984d2277b32
6f975840eb050c79ebf7e734032fd2e59f167845
c0708a61cfbc0a205e314f171b72d2155bae576585d2f6476105caa5a9c1b410

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6116
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:19:09 GMT
Last-Modified: Wed, 28 Sep 2022 06:37:14 GMT
Server: ECS (amb/6B8A)
X-Cache: HIT
Content-Length: 279

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:19:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 07:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 08:18:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8Xva9G3Eq7pRnlEpINDIksKPHbirh6OZ-DpV3ORPW9bfRT1zZHZeTw==
Age: 2976

cdn-jm-tools.web.app/d..p/others/mi..cro---t/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg

199.36.158.100

200 OK

1.3 kB

URL HTTP/2
cdn-jm-tools.web.app/d..p/others/mi..cro---t/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
IP
199.36.158.100:0
ASN
#54113 FASTLY

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Size
1.3 kB (1274 bytes)
Hash
edd4cdbe3c8901714a0b7d1d0aca5e9d
12b33ff44aaf9bcfc71ac80c28a3cf2ba96869ee
030a596370a8e688e85e75fa8edb8bb41c6a1943359a0fc55353306a4cafd214

HTTP Headers

GET /d..p/others/mi..cro---t/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1
Host: cdn-jm-tools.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: "2084deafc36fbaca40a6352319b3c1edb1262245428033547de6b82e0c2dcfe8-br"
last-modified: Sat, 25 Apr 2020 21:22:54 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Wed, 28 Sep 2022 08:19:09 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664353150.942981,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1274
X-Firefox-Spdy: h2

cdn-jm-tools.web.app/d..p/others/mi..cro---t/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png

199.36.158.100

200 OK

240 B

URL HTTP/2
cdn-jm-tools.web.app/d..p/others/mi..cro---t/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
IP
199.36.158.100:0
ASN
#54113 FASTLY

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
240 B (240 bytes)
Hash
7cc096da6aa2dba3f81fcc1c8262157c
a50776316f0220ed7cd7882a68c742a8861c999d
ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83

HTTP Headers

GET /d..p/others/mi..cro---t/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png HTTP/1.1
Host: cdn-jm-tools.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600
content-type: image/png
etag: "a512441fed43fc63c5a2bbce213d4081532632f57c75eb60cb7dd0e4a1126b38"
last-modified: Sat, 25 Apr 2020 21:22:54 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Wed, 28 Sep 2022 08:19:09 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664353150.944672,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 240
X-Firefox-Spdy: h2

cdn-jm-tools.web.app/d..p/others/mi..cro---t/Converged_v21033_U7M7Fc-d_yiO2hIJng7nRg2.css

199.36.158.100

200 OK

19 kB

URL HTTP/2
cdn-jm-tools.web.app/d..p/others/mi..cro---t/Converged_v21033_U7M7Fc-d_yiO2hIJng7nRg2.css
IP
199.36.158.100:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (61112)
Size
19 kB (18705 bytes)
Hash
d4f3d3cb45fb4146963592f99a3fca4d
758b97429b2e6a74469a4057e66bdd9761961bfd
180ed6b42ce49176e493ebf3f2145e670be96178b9e2f60001e81532e32268cb

HTTP Headers

GET /d..p/others/mi..cro---t/Converged_v21033_U7M7Fc-d_yiO2hIJng7nRg2.css HTTP/1.1
Host: cdn-jm-tools.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: text/css; charset=utf-8
etag: "180ed6b42ce49176e493ebf3f2145e670be96178b9e2f60001e81532e32268cb"
last-modified: Sat, 25 Apr 2020 21:22:54 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Wed, 28 Sep 2022 08:19:09 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664353150.944667,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18705
X-Firefox-Spdy: h2

cdn-jm-tools.web.app/d..p/others/mi..cro---t/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg

199.36.158.100

200 OK

230 B

URL HTTP/2
cdn-jm-tools.web.app/d..p/others/mi..cro---t/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg
IP
199.36.158.100:0
ASN
#54113 FASTLY

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (915), with no line terminators
Size
230 B (230 bytes)
Hash
48a9b1d4a7c800a46403ce945c868689
7b74e3e0655f852fb0348d02e84b77a98e4dd669
a86f7eaba652f826f84dd122a6be5b6d98fdc2fa3348dba9ed2020ce1baf6c62

HTTP Headers

GET /d..p/others/mi..cro---t/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg HTTP/1.1
Host: cdn-jm-tools.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: "cf034e803491c0dbb1074332cd18fac418b94b0a139a7ddbf92ec40574951a8a-br"
last-modified: Sat, 25 Apr 2020 21:22:54 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Wed, 28 Sep 2022 08:19:09 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664353150.944562,VS0,VE3
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 230
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
cb600c4fe611e7a9f6e1df50d934375d
afac81b549aade8b7a1ba18e63432036343fdadf
4ac0f690be6e1e0c0f070e8600e05e7c235ba70b4baf3f4e5a35d207b1db168c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1528
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:19:09 GMT
Last-Modified: Wed, 28 Sep 2022 07:53:41 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6033
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:19:09 GMT
Last-Modified: Wed, 28 Sep 2022 06:38:36 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

104.17.24.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
28 kB (27964 bytes)
Hash
391678ecd81abb89d767676563d04a0d
ca95c965bf5453f22a77969f650d82cc0495aedc
0688a8577842e3019d1880c5e32bf44ab58a93592218886291e05eb8a1907c7b

HTTP Headers

GET /ajax/libs/jquery/3.5.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link
Connection: keep-alive
Referer: https://bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 08:19:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 27964
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15d95"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7397174
expires: Mon, 18 Sep 2023 08:19:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPpvDzNVPOyH%2FYtwDTScecIcdafk1rnJ0fgeIN4jvCfva9iXflEFn3G8QryEjTWpsfyVqFMnMw8bASFWjpSAQ%2FYAuYRGWmieKfgbl3Z9zi3MbEbVGn3eaiEd1Q4qhR0LyDz4%2BWzU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 751b0d73686bb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
cb600c4fe611e7a9f6e1df50d934375d
afac81b549aade8b7a1ba18e63432036343fdadf
4ac0f690be6e1e0c0f070e8600e05e7c235ba70b4baf3f4e5a35d207b1db168c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1529
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:19:10 GMT
Last-Modified: Wed, 28 Sep 2022 07:53:41 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/s/gts1d4int/7ZBQLSBvJ5A

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4int/7ZBQLSBvJ5A
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86a2bac031f43be860fd5255e36a55e3
3db4d70187deadcbf7acdcf7fb089cf99f6f703c
60cf0fd58edda4905b961dca39a544d006332215840878ab12dd643c165b5e91

HTTP Headers

POST /s/gts1d4int/7ZBQLSBvJ5A HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:19:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg

13.107.213.53

200 OK

673 B

URL HTTP/2
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1864), with no line terminators
Size
673 B (673 bytes)
Hash
0e176276362b94279a4492511bfcbd98
389fe6b51f62254bb98939896b8c89ebeffe2a02
9a2c174ae45cac057822844211156a5ed293e65c5f69e1d211a7206472c5c80c

HTTP Headers

GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 673
content-type: image/svg+xml
content-encoding: gzip
content-md5: DhdidjYrlCeaRJJRG/y9mA==
last-modified: Wed, 12 Feb 2020 22:01:30 GMT
etag: 0x8D7B0071D86E386
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 28c092f7-801e-005f-73e2-d1dd5f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 04KcyYwAAAADhXjn3zqH0SJvqGPiklXhjQU1TMDRFREdFMTgwOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0fgM0YwAAAACWXdVgfRQ9S5uskAyThcG1U1ZHMjBFREdFMDUxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Wed, 28 Sep 2022 08:19:09 GMT
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.162.217.251

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.217.251:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hDs4biisu/9REMnBxjEq3A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: G2D3PmticckyabQ4ROr/8Mwr2ZY=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2449
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 08:19:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2449
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 08:19:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2449
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 08:19:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2449
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 08:19:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8500 bytes)
Hash
6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 37928
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6157 bytes)
Hash
b255b252ceed088d6f505e7e9acfcb55
a6b1c3e0d506ac1c66405e061e9910fafb176a7d
b796a98834c7ecf220d13bfba61e81a9b90d472d2aa725ff66888cbddad731e7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6157
x-amzn-requestid: a51846e4-4e25-455f-885b-acf2567f2e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlObH7XIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f28-4e6a68a74edb1ad850e17dac;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2g98EnyiFhkZTsqis2_ASfjM-YTJmcUJ-Mwcl1dWlruzrWDuojPA0w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:24:38 GMT
age: 3273
etag: "a6b1c3e0d506ac1c66405e061e9910fafb176a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F838bed0c-c665-42d6-8c20-1decd709953c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9314 bytes)
Hash
3c58fdf09a7d552be0c8666522a29de7
60c873f097c85376797fed366804119f7e9c445e
24569f084d3fd428526503bde8b3da64152911934cd5e0e9140c06d954e4bcd9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F838bed0c-c665-42d6-8c20-1decd709953c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9314
x-amzn-requestid: 0639452b-7f17-4513-aeb1-20b465ed3e93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HzCIAMF-vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-52afa1da17c4557c5e8c3564;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4mjt2-5F0Chu1G7jShI6rXfTuBMd6JOYxFMtla-EgL7i82SThJnp5w==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:38:41 GMT
age: 38430
etag: "60c873f097c85376797fed366804119f7e9c445e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11314 bytes)
Hash
ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 9f410158-cd1a-45a9-9e86-4005b25577e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4Hw7oAMFpAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-70683c681f22a3b6103fcb4a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l9IinQYCcQV_iymSArIEnOWgbmLlmVqz94402zcsmga5Bp3Sty7QRg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:49 GMT
age: 38302
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6721 bytes)
Hash
c4a66beda24621e812a929933c52025d
e951f6b11e473b68d2fdd95b822cef120d37b1eb
28efb1495fdb363cea9ccc6c38f84b2731dbd44dd4dbbe42996fa6fab74e1ce6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: ea4416a4-ffbe-4006-bb09-aa0a70763ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xTGNOoAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-6634cd372bd677227f755769;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TlEcmqE03c_aVOwGbXRCTsU5MOTiUF4C93U3zcIVqzg6NCGJJGup7A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:09:10 GMT
age: 36601
etag: "e951f6b11e473b68d2fdd95b822cef120d37b1eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff14e2acf-9d43-48bc-ab80-1dc73fa7dfc8.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5377 bytes)
Hash
c301dff6ddda16fd64692c19173cfa8c
2afdfb716192540a61327137706462c53588bf23
fd0f33a778fec87dbfa323ffa6b24ca5f94aa16d102e62683ad54b759208058b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff14e2acf-9d43-48bc-ab80-1dc73fa7dfc8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5377
x-amzn-requestid: 28ddd5cd-c299-4b36-98be-b6dbeaadc1ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI4KRGo7oAMFUiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336d74-27ebe6e974ee5b7d06227fca;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _yH8kTWHHDU-LcnNz0fjoHkPhf6dRP7p7QydoE3DNu4fJhDpEkxPrg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:17 GMT
age: 37734
etag: "2afdfb716192540a61327137706462c53588bf23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/aatoo.html?email=david.fogel@slurpmail.net

104.18.23.52

200 OK

0 B

URL HTTP/2
bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/aatoo.html?email=david.fogel@slurpmail.net
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /aatoo.html?email=david.fogel@slurpmail.net HTTP/1.1
Host: bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 28 Sep 2022 08:19:09 GMT
content-type: text/html
cf-ray: 751b0d6ebf09b521-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-methods: GET, GET, POST, OPTIONS
access-control-expose-headers: Link
server-timing: request;dur=431
timing-allow-origin: *
x-dotstorage-resolution-id: https://ipfs.io
x-dotstorage-resolution-layer: public-race
x-ipfs-datasize: 58366
x-ipfs-gateway-host: ipfs-bank12-fr2
x-ipfs-lb-pop: gateway-bank2-fr2
x-ipfs-path: /ipfs/bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm/aatoo.html
x-ipfs-pop: ipfs-bank12-fr2
x-ipfs-roots: bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm,bafkreidy7jlfntdkg75on4pesb7lhv6o4umvz7mcgesaaektrkbtxo5tua
x-proxy-cache: HIT
x-request-uri-suffix: cquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm/aatoo.html
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/*https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg*/

104.18.23.52

404 Not Found

0 B

URL HTTP/2
bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/*https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg*/
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /*https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg*/ HTTP/1.1
Host: bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bafybeicquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm.ipfs.w3s.link/aatoo.html?email=david.fogel@slurpmail.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Wed, 28 Sep 2022 08:19:11 GMT
content-type: text/plain; charset=utf-8
cf-ray: 751b0d738d51b521-OSL
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Link
server-timing: request;dur=1430
timing-allow-origin: *
x-content-type-options: nosniff
x-dotstorage-resolution-id: undefined
x-dotstorage-resolution-layer: public-race
x-ipfs-datasize: 278
x-ipfs-lb-pop: gateway-bank3-am6
x-ipfs-pop: ipfs-bank6-am6
x-request-uri-suffix: cquonh3zkotsi2qqbi7krb4kqsptzv2uhk2wmfyflluwnq7is4gm/%2Ahttps:/aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg%2A/
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (29)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN