Overview

URL verifyus.net/99bb482
IP 111.90.158.214 (Malaysia)
ASN #45839 Shinjiru Technology Sdn Bhd
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-11-27 22:19:40 UTC
IDS alerts 0
Blocklist alert 4
urlquery alerts No alerts detected
Tags None

Domain Summary (17)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
d1j9qsxe04m2ki.cloudfront.net (1) 0 2022-11-25 17:54:54 UTC 2022-11-27 09:47:03 UTC 143.204.42.215 Unknown ranking
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-11-27 20:01:14 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.42.148.177
o425163.ingest.sentry.io (1) 608919 2020-11-26 10:37:53 UTC 2022-11-18 07:35:41 UTC 34.120.195.249
verifyus.net (3) 0 2021-04-25 10:04:55 UTC 2022-11-27 11:17:50 UTC 111.90.158.214 Unknown ranking
ocsp.pki.goog (4) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-11-27 15:24:12 UTC 142.250.74.174
r3.o.lencr.org (6) 344 No data No data 23.36.77.32
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
browser.sentry-cdn.com (1) 4393 2018-07-13 11:42:06 UTC 2022-11-27 19:59:38 UTC 151.101.130.217
dwmsurhf1svv8.cloudfront.net (5) 0 2022-11-26 21:39:51 UTC 2022-11-27 20:11:04 UTC 143.204.42.148 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-11-27 19:56:33 UTC 142.250.74.138
d13pxqgp3ixdbh.cloudfront.net (13) 0 2022-11-25 10:50:47 UTC 2022-11-27 15:49:55 UTC 54.230.245.23 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-27 05:29:56 UTC 34.102.187.140
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-27 05:29:57 UTC 34.117.237.239

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-27 2 verifyus.net/99bb482 Phishing
2022-11-27 2 verifyus.net/99bb482/ws Phishing
2022-11-27 2 d1j9qsxe04m2ki.cloudfront.net/74e10a7.js Malware
2022-11-27 2 dwmsurhf1svv8.cloudfront.net/public/external/v2/html.3161032.5f6f7.0.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 111.90.158.214
Date UQ / IDS / BL URL IP
2023-01-14 09:42:39 +0000 0 - 2 - 1 verifyus.net/ 111.90.158.214
2023-01-11 14:12:48 +0000 0 - 0 - 3 topunlocker.net/60153b7 111.90.158.214
2023-01-06 07:47:33 +0000 0 - 0 - 3 filezone.info/c434895 111.90.158.214
2022-12-18 03:59:04 +0000 0 - 0 - 4 verifyyou.net/a3f801f 111.90.158.214
2022-12-16 22:44:51 +0000 0 - 0 - 5 webfile24.com/nanlx4~414064t 111.90.158.214


Last 5 reports on ASN: Shinjiru Technology Sdn Bhd
Date UQ / IDS / BL URL IP
2023-02-05 14:22:37 +0000 0 - 0 - 1 netwerkstatistiek.info/ics/a1b2c3/e7a221fb347 (...) 111.90.151.165
2023-02-05 14:20:49 +0000 0 - 0 - 1 netwerkstatistiek.info/ics/a1b2c3/4f7a85e3651 (...) 111.90.151.165
2023-02-05 14:19:48 +0000 0 - 0 - 1 netwerkstatistiek.info/ics/a1b2c3/11d40d00529 (...) 111.90.151.165
2023-02-05 12:42:28 +0000 0 - 0 - 1 netwerkstatistiek.info/ics/a1b2c3/76d4e6f8c26 (...) 111.90.151.165
2023-02-05 12:41:57 +0000 0 - 0 - 1 netwerkstatistiek.info/ics/a1b2c3/43704214f85 (...) 111.90.151.165


Last 5 reports on domain: verifyus.net
Date UQ / IDS / BL URL IP
2023-01-14 09:42:39 +0000 0 - 2 - 1 verifyus.net/ 111.90.158.214
2022-12-14 20:22:01 +0000 0 - 0 - 4 verifyus.net/4ee5a10 111.90.159.57
2022-12-05 17:54:06 +0000 0 - 0 - 4 verifyus.net/2b85ac6 111.90.159.57
2022-11-30 14:00:26 +0000 0 - 0 - 4 verifyus.net/99bb482 111.90.158.214
2022-11-29 13:44:36 +0000 0 - 0 - 4 verifyus.net/2804a40 111.90.159.57


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-29 19:23:23 +0000 0 - 0 - 2 verifyyou.net/ca186f4 111.90.159.57
2023-01-07 20:45:04 +0000 0 - 6 - 3 tiny.cc/BeastGiveaways 157.245.113.153
2022-11-30 14:00:26 +0000 0 - 0 - 4 verifyus.net/99bb482 111.90.158.214
2022-11-28 21:35:34 +0000 0 - 0 - 5 gamesfile.xyz/ 198.251.89.164
2022-11-06 20:16:52 +0000 0 - 0 - 3 filezone.info/36533e9 111.90.158.214

JavaScript

Executed Scripts (17)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (51)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11546
Expires: Mon, 28 Nov 2022 01:31:55 GMT
Date: Sun, 27 Nov 2022 22:19:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3437
Cache-Control: max-age=133741
Date: Sun, 27 Nov 2022 22:19:29 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:28:30 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10365
Expires: Mon, 28 Nov 2022 01:12:14 GMT
Date: Sun, 27 Nov 2022 22:19:29 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: sTwgVhSdCSMccsN4ZY0JpmkcUuH7v4FykX1fKPzQQxs6Ji7H01Y50tTc+4V0wlJH3YyBQxMaZPk=
x-amz-request-id: BR61ZHX47Q5V27TB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 21:44:47 GMT
age: 2082
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 22:19:26 GMT
cache-control: public,max-age=3600
age: 3
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 27 Nov 2022 22:19:29 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 22:08:54 GMT
cache-control: public,max-age=3600
age: 636
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /6.4.1/bundle.min.js HTTP/1.1 
Host: browser.sentry-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://verifyus.net
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         151.101.130.217
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
cache-control: public, max-age=31536000
expires: Sat, 23 Sep 2023 05:15:36 GMT
last-modified: Wed, 19 May 2021 16:36:38 GMT
etag: "42639cce5db857005b8285dedd67553d"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 27 Nov 2022 22:19:30 GMT
age: 5677432
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20972
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65448)
Size:   20972
Md5:    42639cce5db857005b8285dedd67553d
Sha1:   a24a4a308123397a9a786645f5843e70653d8552
Sha256: 2b5b83c27b4f52cb3fe8cebc8412b3ceb7c62a2dca290eef38117c33c85b3c66
                                        
                                            GET /99bb482 HTTP/1.1 
Host: verifyus.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         111.90.158.214
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 27 Nov 2022 22:19:55 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Access-Control-Allow-Origin: *
Connection: close
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1302), with CRLF, LF line terminators
Size:   29503
Md5:    999e2327c2babc7ebf4d344426a18aaf
Sha1:   8641509a434bd68df84b3ba6095e240a13567ae0
Sha256: e4ef7838bb17f4b3a2881b59bbbc621dd36fe0c79b9394c8d1a7c087899b1c5e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5443
Cache-Control: 'max-age=158059'
Date: Sun, 27 Nov 2022 22:19:30 GMT
Last-Modified: Sun, 27 Nov 2022 20:48:47 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /s/roboto/v15/RxZJdnzeo3R5zSexge8UUVtXRa8TVwTICgirnJhmVJw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://verifyus.net
Connection: keep-alive

                                         216.58.207.195
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 14596
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 26 Nov 2022 06:51:21 GMT
Expires: Sun, 26 Nov 2023 06:51:21 GMT
Cache-Control: public, max-age=31536000
Age: 142089
Last-Modified: Wed, 14 Jan 2015 22:47:38 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 14596, version 2.0\012- data
Size:   14596
Md5:    bb474f16c9f76f522d656d66aa4a220e
Sha1:   55161308d29d91ec21aadf6f63da390a902c053b
Sha256: 01a44f86a9b361ef0d3ad5e4f9f0f01d394ab53fc5b0e3dff92466fa411e706b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 22:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.138
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 14:02:59 GMT
expires: Wed, 22 Nov 2023 14:02:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
age: 461791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   30028
Md5:    6d973c8b7e2439d958e09c0a1ab9fe50
Sha1:   05ae0830200c20b9a2dfd5a825adc400481a60fb
Sha256: f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 22:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BA9A23AD72A0B42BB014D53D6DEF237B3BD44A988772FB7F2DDD898C565D10F2"
Last-Modified: Sat, 26 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10541
Expires: Mon, 28 Nov 2022 01:15:11 GMT
Date: Sun, 27 Nov 2022 22:19:30 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dTAsqyU9vpRgo2T4H4Yx8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         52.42.148.177
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pOGJqCN2OPtKfNmKN2iPz40FL5k=

                                        
                                            POST /api/5780930/store/?sentry_key=e0e6a104cb354a09bf094a90e676ea13&sentry_version=7 HTTP/1.1 
Host: o425163.ingest.sentry.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://verifyus.net/
Content-Type: text/plain;charset=UTF-8
Origin: http://verifyus.net
Content-Length: 781
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.120.195.249
HTTP/2 429 Too Many Requests
content-type: application/json
                                        
server: nginx
date: Sun, 27 Nov 2022 22:19:30 GMT
content-length: 198
retry-after: 13
x-sentry-rate-limits: 13:default;error;security;attachment:organization:error_usage_exceeded
access-control-allow-origin: http://verifyus.net
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   198
Md5:    478b411c59eb87249bea32cf7c7be5d2
Sha1:   023907c62eb55758905bb3c0e640b5b204ae0652
Sha256: bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BA9A23AD72A0B42BB014D53D6DEF237B3BD44A988772FB7F2DDD898C565D10F2"
Last-Modified: Sat, 26 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10541
Expires: Mon, 28 Nov 2022 01:15:11 GMT
Date: Sun, 27 Nov 2022 22:19:30 GMT
Connection: keep-alive

                                        
                                            GET /uploads/16456066913af5eafc1e8f4b67bdb9fad531193dd3.png HTTP/1.1 
Host: d13pxqgp3ixdbh.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.245.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 9529
last-modified: Wed, 23 Feb 2022 08:58:12 GMT
x-amz-version-id: QPZwrvOa2SGRY6j1Pkocfk2.CcPFUmtI
accept-ranges: bytes
server: AmazonS3
date: Sun, 27 Nov 2022 20:38:29 GMT
etag: "ccaa833c45dcb4ea162881be6dc91e0c"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t7_mGWldw6P82MmMh_zST5iaG_D5iHOyRu9dtQC-B2mYLT6AzGnmbw==
age: 6130
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 272 x 434, 8-bit colormap, non-interlaced\012- data
Size:   9529
Md5:    ccaa833c45dcb4ea162881be6dc91e0c
Sha1:   49734a815f59d17556136ed5a0c2eb5a47e15144
Sha256: a5b75ddbb788541f2b625130f823a6a26bc8106f1b7d30bd31a4fedd1a6d856b
                                        
                                            GET /uploads/16470047894e0de69106b6d5dc5add9dcfe186f25e.png HTTP/1.1 
Host: d13pxqgp3ixdbh.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.245.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 78469
last-modified: Fri, 11 Mar 2022 13:19:50 GMT
x-amz-version-id: fcOyD45QcUokxdIW2JQzGVFGLluh6gm5
accept-ranges: bytes
server: AmazonS3
date: Sun, 27 Nov 2022 02:58:38 GMT
etag: "bb54a65af58009e48c0ab87a11a77cf4"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: olnn1Vt9CN1fmkcD_6A2SxbeB4Gr4SYlK4dYRTs4_E9SuuiFFuF6vQ==
age: 69653
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 272 x 434, 8-bit/color RGBA, non-interlaced\012- data
Size:   78469
Md5:    bb54a65af58009e48c0ab87a11a77cf4
Sha1:   f064eb6c77f82a1a66dc45d42fd81f13a32bdbf6
Sha256: 2e2c7f466c050e4e14548c8aa416680d115c159a99f93f97ae5e2a763c3bfadc
                                        
                                            GET /uploads/16456066916a38f76ae3e8e9726290ecaff38046f2.png HTTP/1.1 
Host: d13pxqgp3ixdbh.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.245.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 19705
last-modified: Wed, 23 Feb 2022 08:58:13 GMT
x-amz-version-id: feXPtQKsqBjA.yJS7XuZz0bIQAGPBMH3
accept-ranges: bytes
server: AmazonS3
date: Sun, 27 Nov 2022 02:58:38 GMT
etag: "6964ff24ad45b4c30c15081c6147ab08"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GkRGBjNTgl1f-aytTyNEz7PgyJO0cdY9s5G6mbLmLacyV9nxBHiIFA==
age: 69653
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 677 x 333, 8-bit colormap, non-interlaced\012- data
Size:   19705
Md5:    6964ff24ad45b4c30c15081c6147ab08
Sha1:   aee5564e36cccef45fb74541e1110847ab7466fa
Sha256: e90f3ef231d9b8c0871201da1135b8b1c156a9fdaac624ab368695f1276a0b9c
                                        
                                            GET /uploads/16454931964ae4b735cb411f2de267110a434da371.png HTTP/1.1 
Host: d13pxqgp3ixdbh.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.245.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 30101
last-modified: Tue, 22 Feb 2022 01:26:37 GMT
x-amz-version-id: 1olNR3_tZwPsSMFIzeclXxTG8ffZPmbR
accept-ranges: bytes
server: AmazonS3
date: Sun, 27 Nov 2022 02:58:38 GMT
etag: "672376c9d36a74a875752b88f2ccf289"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4-xrxxv2ZRkxpE2cfrhOpQLbI5u2PuAoowq1eOd1W2VS2A1X7o6DVw==
age: 69653
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 272 x 434, 8-bit colormap, non-interlaced\012- data
Size:   30101
Md5:    672376c9d36a74a875752b88f2ccf289
Sha1:   714b2f57977a174bfb4d77b6f98b716c5b7646e9
Sha256: 31634d2128e7d2b92f4577e21919d12818c3d4928ff3a4b1f277a61bb3de4f52
                                        
                                            GET /uploads/16454932785b7b640a16766af88f84901c26fde30d.png HTTP/1.1 
Host: d13pxqgp3ixdbh.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.245.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 30037
last-modified: Tue, 22 Feb 2022 01:27:59 GMT
x-amz-version-id: LXr30fUSVRI5OmOP22bMvd4hA5INHMG_
accept-ranges: bytes
server: AmazonS3
date: Sun, 27 Nov 2022 03:46:05 GMT
etag: "72c9812370f8235fdb1cff05170ef915"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hpI7-sgdUikvVNduVnQUkLGQaMrwJFOZuJNZu6xscVAtPe4E_0bA9w==
age: 66805
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 272 x 434, 8-bit colormap, non-interlaced\012- data
Size:   30037
Md5:    72c9812370f8235fdb1cff05170ef915
Sha1:   d2aa90d6e3be645d0bc5e1394370d13c467f2d43
Sha256: b2d951f1b331c622645082362bb5016ea5544a83ae12c03abd58a647310e87c9
                                        
                                            GET /uploads/16456066916e6559533a5e292ccba8bb80f9149007.png HTTP/1.1 
Host: d13pxqgp3ixdbh.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.245.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 12769
last-modified: Wed, 23 Feb 2022 08:58:12 GMT
x-amz-version-id: qWhXdWD6ozQaJ.1oJMOpmTjlkVn6l6k0
accept-ranges: bytes
server: AmazonS3
date: Sat, 26 Nov 2022 23:35:24 GMT
etag: "677e596f3cd64052974585aa7e123c1e"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wi6HtCd3sbdwzMmN1IO0yYCt-zPlUcaaboJ-TqRAc5mJcnI8tY7glA==
age: 81847
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 272 x 434, 8-bit colormap, non-interlaced\012- data
Size:   12769
Md5:    677e596f3cd64052974585aa7e123c1e
Sha1:   92843957e506d7500dce6def69484d6bcb255dad
Sha256: 17abeedfe0763eff8133623a2b24502d116f561c2ca907e0263b490a958e2072
                                        
                                            GET /uploads/1645606691ccf0a7bdb704e85631127b851dc0e997.png HTTP/1.1 
Host: d13pxqgp3ixdbh.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.245.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 6552
last-modified: Wed, 23 Feb 2022 08:58:12 GMT
x-amz-version-id: Hh5GCdeMrVnnrp5ASrE4eMIJ8HaFIhOY
accept-ranges: bytes
server: AmazonS3
date: Sun, 27 Nov 2022 02:58:38 GMT
etag: "72cd5bca1317cb4ccb7744a82a5b92cc"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K7oqWYdIrORCMHtD9uml1MWZOMon3uUKrcWze7gLexcYHQ5ysL9GfQ==
age: 69653
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 272 x 434, 8-bit colormap, non-interlaced\012- data
Size:   6552
Md5:    72cd5bca1317cb4ccb7744a82a5b92cc
Sha1:   e57009963d72ab7edc632c1c8fb0fe024f4f948e
Sha256: 47722d99cdc263f3783855402a9e9c81d12cbce823b6dba6b9ac3b948afd0075
                                        
                                            GET /uploads/164560669197909a539d87aced1c1438c4da903d01.png HTTP/1.1 
Host: d13pxqgp3ixdbh.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.245.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 7959
last-modified: Wed, 23 Feb 2022 08:58:12 GMT
x-amz-version-id: yVMr_pqF8bM_T5zFyFeflToGbc2nMQn_
accept-ranges: bytes
server: AmazonS3
date: Sun, 27 Nov 2022 01:12:33 GMT
etag: "2ad10c7fd2ca9ff2c30c60316256f42d"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SLGrAsVAm5RVsrMEcQ40u9hQAdXXNl7tlZ26ufOwNMro_OTkQJN5jA==
age: 76018
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 272 x 434, 8-bit colormap, non-interlaced\012- data
Size:   7959
Md5:    2ad10c7fd2ca9ff2c30c60316256f42d
Sha1:   0a330895cdb84e68365b9ce9e184dc484da22907
Sha256: a71a66d454123464159618ae7fefc696774ce6b64b25c87b589c26778151d03e
                                        
                                            GET /uploads/1645606690250c6c064370ec8752e020ce647d55a1.png HTTP/1.1 
Host: d13pxqgp3ixdbh.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.245.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 29488
last-modified: Wed, 23 Feb 2022 08:58:12 GMT
x-amz-version-id: cRdaK9HhLLcS9_wllPQb.ZMwmx1tSKec
accept-ranges: bytes
server: AmazonS3
date: Sun, 27 Nov 2022 02:58:38 GMT
etag: "959fb4eb8ce68f4120db1a1c19362c71"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g0F4JMh7D6aAXmNCz9XAf6YaSXBSOjQw5uYjLDOr5oKQN5MJrhBikg==
age: 69653
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 272 x 434, 8-bit colormap, non-interlaced\012- data
Size:   29488
Md5:    959fb4eb8ce68f4120db1a1c19362c71
Sha1:   340a129c1ae0696ae3cbabbeddf4f36e95d4dd9d
Sha256: 36372b5fdfae8de8e99b7a209ef8d6831b531644877b91bea3f5be51b7fa2adc
                                        
                                            GET /uploads/16456066910ad995c478735eeb59daf47640f653e3.png HTTP/1.1 
Host: d13pxqgp3ixdbh.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.245.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 31861
last-modified: Wed, 23 Feb 2022 08:58:12 GMT
x-amz-version-id: jESQ7VF8lhOQmEKpco8QJsEG4PY.lIh1
accept-ranges: bytes
server: AmazonS3
date: Sat, 26 Nov 2022 23:10:06 GMT
etag: "3ea539d676fccf2fef78a5c74e5cc5dc"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qo6NGwM6xhjCPXhxEyXiCLuWY9bcBMn0QdBFZCMGE8qdFfvJlVMsWQ==
age: 83365
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 272 x 434, 8-bit colormap, non-interlaced\012- data
Size:   31861
Md5:    3ea539d676fccf2fef78a5c74e5cc5dc
Sha1:   0a6632809bc4ed012493f4eb5f7c7e9e1473bce5
Sha256: 1b20575865a1cb75844e1b88a862c90932305f38c7e9f25068e8ab6f50b82473
                                        
                                            GET /uploads/1645606690860b44915e39951ccef2f78aae356a84.png HTTP/1.1 
Host: d13pxqgp3ixdbh.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.245.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 31679
last-modified: Wed, 23 Feb 2022 08:58:11 GMT
x-amz-version-id: RQYIgMchvr6G6gI3kkzRz2_v3JIfeLza
accept-ranges: bytes
server: AmazonS3
date: Sun, 27 Nov 2022 08:16:12 GMT
etag: "cf9c06469236cd8e8d2088087b10b5b8"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CDICbtuMQ_75CfvtGxuqo8twypoWfc6V0tH5okS9vVMb_g6-wamgSw==
age: 50599
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 272 x 434, 8-bit colormap, non-interlaced\012- data
Size:   31679
Md5:    cf9c06469236cd8e8d2088087b10b5b8
Sha1:   3ed6a01bbcf7bf6b83ab2c997546ead5af372743
Sha256: ce0e7beb9853e79a93344cec332447dad72d4ed2f18b703cfee28bed8e77b038
                                        
                                            GET /uploads/1645606690bc25555bab4430a7900a83e596aef47d.png HTTP/1.1 
Host: d13pxqgp3ixdbh.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.245.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 13473
last-modified: Wed, 23 Feb 2022 08:58:11 GMT
x-amz-version-id: Lge6SHJh03SQ6P2vJ6l8595_6NBefZsV
accept-ranges: bytes
server: AmazonS3
date: Sun, 27 Nov 2022 03:46:06 GMT
etag: "12ab420eb2f85783090f0d149cce0373"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B_MaNbfw5wgdYGU2Wxj4Hzhi7RLJ3JgzpvEJWBuTXnjO9SZYwgTj-w==
age: 66805
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 272 x 434, 8-bit colormap, non-interlaced\012- data
Size:   13473
Md5:    12ab420eb2f85783090f0d149cce0373
Sha1:   96b42990ca1e304d0f96dc6c4841ee3d4220561c
Sha256: ebfd40e9d2070bd61499d490fc4ba516d4e1f9baef1a8a271433051cdb25ab23
                                        
                                            GET /uploads/1645606690dfe4c50e8dab48f102c825bbb91242c3.png HTTP/1.1 
Host: d13pxqgp3ixdbh.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.245.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 6729
last-modified: Wed, 23 Feb 2022 08:58:11 GMT
x-amz-version-id: W6axW.sMqNSWP4B7a9GQEzzaYOmvzKOC
accept-ranges: bytes
server: AmazonS3
date: Sun, 27 Nov 2022 20:38:29 GMT
etag: "e2a36e05f872ff1f960328d91954a724"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6BQBOoE9JApvRkKsyJHh0oaqssH66fTeiRiPHoGlaAmsx3SOLHNLlQ==
age: 6130
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 272 x 434, 8-bit colormap, non-interlaced\012- data
Size:   6729
Md5:    e2a36e05f872ff1f960328d91954a724
Sha1:   236b905b2962ca0e8e99b7ec670abd3574fc36c5
Sha256: 0807e8f7ee5b126649b8815fbcfb23d0eb5a5809066299bdc9e3ad2cfd94030f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 22:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 27 Nov 2022 20:41:08 GMT
expires: Sun, 27 Nov 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 5902
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /99bb482/ws HTTP/1.1 
Host: verifyus.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://verifyus.net
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: q9WDfUxVYS+FYcRFAurFBA==
Connection: keep-alive, Upgrade
Cookie: _cpguid=7bp732ju7
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         111.90.158.214
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sun, 27 Nov 2022 22:19:56 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Content-Length: 208
Connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   208
Md5:    11c3fc9d8afc1bfa8237028c0165e56d
Sha1:   e0ddc52529b48a8c56d9c287908c090919cf3cb4
Sha256: 4ba3f52bc7d87ab99c1d3004b0edd9f998cfe0265dd5f2a054f64aeae81e27a0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /public/external/css_front.css HTTP/1.1 
Host: dwmsurhf1svv8.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         143.204.42.148
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 6596
date: Sun, 27 Nov 2022 22:19:30 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
last-modified: Tue, 23 Jun 2020 20:06:47 GMT
etag: "19c4-5a8c5e62e9d0a"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: w-MZLJ3KJnvXtOK9rh7zXFZZoGN1ULuMVzh-jrDWRQ3jRMkDUmK0Ag==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   6596
Md5:    2649f9832b1ede1bca6b60a16e50a676
Sha1:   c96e86a59be0ab5f2a1c86558205193597822742
Sha256: a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 22:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?v=1&_v=j98&a=351964463&t=pageView&_s=1&dl=http%3A%2F%2Fverifyus.net%2F99bb482&ul=en-us&de=UTF-8&dt=All%20in%20one%20giftcards&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=687237978&gjid=1279713060&cid=143004544.1669587570&tid=UA-85922709-2&_gid=55191131.1669587570&_r=1&_slc=1&cd1=0&z=1492622912 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://verifyus.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         142.250.74.174
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: http://verifyus.net
date: Sun, 27 Nov 2022 22:19:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    38684612f0c6bb6dfa16da92f4a6878f
Sha1:   6fe62d0dd7db314b7f9bb945672f078e01d27f0f
Sha256: a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: verifyus.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _cpguid=7bp732ju7

                                         111.90.158.214
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sun, 27 Nov 2022 22:19:56 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Content-Length: 209
Connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   209
Md5:    18ffb59b61525f781cf9251045be575d
Sha1:   bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
Sha256: b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
                                        
                                            GET /public/clockers/CustomButton/css.css HTTP/1.1 
Host: dwmsurhf1svv8.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         143.204.42.148
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 1010
date: Sun, 27 Nov 2022 22:19:31 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
last-modified: Fri, 10 Apr 2020 22:29:00 GMT
etag: "3f2-5a2f7428ae907"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pb8SeaF_BeO8mOdkgdkjNzreYqmFukOCKZEDxf-Gh5kBLxB5xp0XDQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1010
Md5:    683a185465436634825046815ac5a2d2
Sha1:   dd9a216245afb09ebc5098aa44374ee8ef51d3dd
Sha256: a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2189
Expires: Sun, 27 Nov 2022 22:56:00 GMT
Date: Sun, 27 Nov 2022 22:19:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2189
Expires: Sun, 27 Nov 2022 22:56:00 GMT
Date: Sun, 27 Nov 2022 22:19:31 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:42:14 GMT
age: 2237
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5099
Md5:    433875a1b1fef34e45f2d8ac344c07e3
Sha1:   f2129466436cbbdd58abe42a47fb7af19eba58e6
Sha256: ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 05:54:16 GMT
age: 59115
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    841a4b110022a99ddea6f7bf66df0fa1
Sha1:   126771b86638108050cf57c0d12faa27f80f0edb
Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8817
x-amzn-requestid: 33d3ca17-7878-4897-a634-5f626a64e820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJ40OEOqIAMFaOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6380a1b4-040288d571fc10b96d893fa4;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 11:06:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: f_U8KSYET6kaKAPbEV7sHW0tO6JGijsqUvghniwzFCRd2YGQjVlFoA==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 10:16:35 GMT
age: 43376
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8817
Md5:    741ddfb19764ac9a77509e7e87cfbfb2
Sha1:   308c08784ce4a0757cbd112807555b83e17a1d56
Sha256: e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:42:14 GMT
age: 2237
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10199
Md5:    2cd887044e91d7ed0f1a8d7119ff7dd0
Sha1:   ae8aa4ce6ddaccba771fe65446926b60fc5628da
Sha256: bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8387
x-amzn-requestid: fc238ea9-0169-47fc-b92e-f12b3ee27c72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b433YGtOoAMFexg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d362-2f97c67a2e5f05b6746cf858;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:12:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: oMrdB0NUGe5CqTY7eFd3u8xaSy9TyDdOrf1awBikFJzm3jWreD2irQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 12:30:20 GMT
age: 35351
etag: "c32a57038d3cdbc514c9081c9938eca6a04fb481"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8387
Md5:    4e97baa4851785eac92c719abf481c64
Sha1:   c32a57038d3cdbc514c9081c9938eca6a04fb481
Sha256: adb59e982648082e5421f58899a5331b2747e9d45be33c495fbe3ab8cc872b22
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6883
x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cL1ySF0tIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K4mksi8EQxTxRXDqN-0iWJc-LmiI7joDX5xGmPb1HetziDj4mRCC7Q==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 05:53:37 GMT
age: 59154
etag: "590c34be54c9889eec4ff7993e070fda836f711f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6883
Md5:    f7f16c0f8a8e710210ce77c0e4c1c2a2
Sha1:   590c34be54c9889eec4ff7993e070fda836f711f
Sha256: 4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e
                                        
GET /public/guid?cpguid=7bp732ju7&e=ll&t=1669587571121 HTTP/1.1
Host: dwmsurhf1svv8.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

143.204.42.148
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 0
date: Sun, 27 Nov 2022 22:19:31 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: viFoSS0z3MPHOOmD4V-wqlgddked7l2yKg7c29uifgfd4I8apYzs9w==
X-Firefox-Spdy: h2

                                        
GET /public/external/check.php?it=3161032&time=1669587572854 HTTP/1.1
Host: dwmsurhf1svv8.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

143.204.42.148
HTTP/2 200 OK
content-type: application/javascript
content-length: 78
date: Sun, 27 Nov 2022 22:19:33 GMT
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fgFwGjZBj_KDX1zeGXAF1-A6d62ePfmVz-_fMJ5ND5rDDBfO_SOLLA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   78
Md5:    37ebc78db9bc22d4c972c5961163070c
Sha1:   865e3671f7e86b52d2f7b006b95ec7799a187572
Sha256: 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
                                        
GET /74e10a7.js HTTP/1.1
Host: d1j9qsxe04m2ki.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

143.204.42.215
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sun, 30 Oct 2022 13:50:57 GMT
server: AmazonS3
content-encoding: br
date: Sun, 27 Nov 2022 22:19:30 GMT
etag: W/"d0adadb877ad5f27d0c2a369cd5acb5e"
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vX3YUmc_WFnaJmvmI_r36bNKUuvtNDoVUccHJ8f0mrWXFYst2RadoA==
age: 1
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /public/external/v2/html.3161032.5f6f7.0.js HTTP/1.1
Host: dwmsurhf1svv8.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

143.204.42.148
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 27 Nov 2022 22:19:30 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OvSspZ0rgYFWy2qomsGeFYoRMVS6mouR83Yeyy6mF9OJSAIaf_QXLQ==
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing