r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1424d2734290cfd767b86da0ee0da3bc
875b1243bca41177411ac6af710d2bb96f45a0ac
70b5bb76774526a0cf131445ae2f8639085c3449812497df457f4bc78089917b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70B5BB76774526A0CF131445AE2F8639085C3449812497DF457F4BC78089917B"
Last-Modified: Wed, 15 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3683
Expires: Fri, 17 Mar 2023 02:45:25 GMT
Date: Fri, 17 Mar 2023 01:44:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 25389646a2daae58c728e01095973033
651619a503a0f21dd5a8135cce5240f51bae1ab5
8ecd890bd13e92a07acabbd187e71d59adc1f896b249ac1165444ea1f9e21bef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8ECD890BD13E92A07ACABBD187E71D59ADC1F896B249AC1165444EA1F9E21BEF"
Last-Modified: Tue, 14 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5529
Expires: Fri, 17 Mar 2023 03:16:11 GMT
Date: Fri, 17 Mar 2023 01:44:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cef8425d927aae677234ca535562b58b
823b45ffe59ac234f49d38516baf528a9daded85
c2d2e2be0e1484259271be471ff46345fd332c071389f9ef92f637e7ee666ea6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2D2E2BE0E1484259271BE471FF46345FD332C071389F9EF92F637E7EE666EA6"
Last-Modified: Tue, 14 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4437
Expires: Fri, 17 Mar 2023 02:57:59 GMT
Date: Fri, 17 Mar 2023 01:44:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 17 Mar 2023 01:14:26 GMT
content-type: application/json
age: 1776
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ehXSe8oaddcDefiGuqlZJYe+dOpgn7IgrjbpXznJDuksqxapG5kAFgS1hW4E3ERo5vGwE/iUjNDRY0kAQI3jlw==
x-amz-request-id: KFQWS98FTDG31M0P
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 17 Mar 2023 00:47:55 GMT
age: 3367
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 01:44:02 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 17 Mar 2023 01:17:21 GMT
age: 1602
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
9k4.2af.mywebsitetransfer.com/n/N/login.php
92.205.13.208 200 OK 3.9 kB URL HTTP/1.1 9k4.2af.mywebsitetransfer.com/n/N/login.php
IP 92.205.13.208:0
ASN #21499 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1157), with CRLF line terminators
Hash b819fe170f90d6e793f944b5c41a95bf
28a0933e865bf0339de0185f51bb83ed3d8cc857
f4a18bfb3f27b81dde60d7d685c2255ffa3d0b78e65479dac2b81ec9d1073ec8
Analyzer Verdict Alert fortinet Phishing
GET /n/N/login.php HTTP/1.1
Host: 9k4.2af.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 01:44:02 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=2bc8c0aea30b845cce911d9490b9d4f8; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3913
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
9k4.2af.mywebsitetransfer.com/n/N/style/css/stylef.css
92.205.13.208 200 OK 2.1 kB URL HTTP/1.1 9k4.2af.mywebsitetransfer.com/n/N/style/css/stylef.css
IP 92.205.13.208:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (3786), with CRLF line terminators
Hash 2667bf95422d15284bb9b17424c99dc9
45b35f637fe58769551d0560ad6ff73006740351
a5fcdea92147a0a398fa24672838b200e0cd35dce58da351fe35f2d090d95857
GET /n/N/style/css/stylef.css HTTP/1.1
Host: 9k4.2af.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://9k4.2af.mywebsitetransfer.com/n/N/login.php
Cookie: PHPSESSID=2bc8c0aea30b845cce911d9490b9d4f8
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 01:44:03 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 29 Aug 2020 01:57:30 GMT
ETag: "6a07e3-1e31-5adfa7df21680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2125
Keep-Alive: timeout=5
Content-Type: text/css
9k4.2af.mywebsitetransfer.com/n/N/style/js/style.js
92.205.13.208 200 OK 834 B URL HTTP/1.1 9k4.2af.mywebsitetransfer.com/n/N/style/js/style.js
IP 92.205.13.208:0
ASN #21499 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash b3b513a42ba66924bd794f00ab1e8756
4990006b11c02a9fb9ab4c4d1fba2ab75d550bac
5d654ce1762a87c9ea2b1d3dc9300a649d9669a357f5cff1641d30155906405f
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
fortinet Phishing
GET /n/N/style/js/style.js HTTP/1.1
Host: 9k4.2af.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://9k4.2af.mywebsitetransfer.com/n/N/login.php
Cookie: PHPSESSID=2bc8c0aea30b845cce911d9490b9d4f8
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 01:44:03 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 16 Jan 2019 16:34:10 GMT
ETag: "6a07f8-8bf-57f95d8efc480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 834
Keep-Alive: timeout=5
Content-Type: application/javascript
9k4.2af.mywebsitetransfer.com/n/N/style/js/jquery.validate.min.js
92.205.13.208 200 OK 13 kB URL HTTP/1.1 9k4.2af.mywebsitetransfer.com/n/N/style/js/jquery.validate.min.js
IP 92.205.13.208:0
ASN #21499 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (511), with CRLF line terminators
Hash e54dc9682afa7a069f4f0d23e48b1ed6
1e74450324152aff6cf57bee05b6eb2c856beb39
fc0c7ba1558f0a0bcc28318c3255421f1a436d175a3ac9ca03ecab41263c02c6
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
fortinet Phishing
GET /n/N/style/js/jquery.validate.min.js HTTP/1.1
Host: 9k4.2af.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://9k4.2af.mywebsitetransfer.com/n/N/login.php
Cookie: PHPSESSID=2bc8c0aea30b845cce911d9490b9d4f8
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 01:44:03 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 23 Dec 2018 15:05:28 GMT
ETag: "6a07f7-c3fa-57db1cf877e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13102
Keep-Alive: timeout=5
Content-Type: application/javascript
9k4.2af.mywebsitetransfer.com/n/N/style/js/jquery.mask.js
92.205.13.208 200 OK 4.9 kB URL HTTP/1.1 9k4.2af.mywebsitetransfer.com/n/N/style/js/jquery.mask.js
IP 92.205.13.208:0
ASN #21499 Host Europe GmbH
Hash 72561daefcabe07fcd6e4a000ce2b1f9
29f4b8a00c67c6d29e8beb9cbe1fcc040bfc4bf5
3a19e4fd29ca6cd5ba35dd0f38915107a432a326280051d32ca2b16af7d668b7
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
fortinet Phishing
GET /n/N/style/js/jquery.mask.js HTTP/1.1
Host: 9k4.2af.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://9k4.2af.mywebsitetransfer.com/n/N/login.php
Cookie: PHPSESSID=2bc8c0aea30b845cce911d9490b9d4f8
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 01:44:03 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 31 Jan 2016 00:57:28 GMT
ETag: "6a07f3-47fe-52a96c094ee00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4948
Keep-Alive: timeout=5
Content-Type: application/javascript
9k4.2af.mywebsitetransfer.com/n/N/style/css/nonechaditk.css
92.205.13.208 200 OK 20 kB URL HTTP/1.1 9k4.2af.mywebsitetransfer.com/n/N/style/css/nonechaditk.css
IP 92.205.13.208:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash cdfa35a33df243a3b07fffec4720904e
3e567c78a310a11e7f93f0e2d031d91799b7ef5f
c501e34040b04c4c11357892a637a093ff4ab7ef5a065bcc18a250305a976e60
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
GET /n/N/style/css/nonechaditk.css HTTP/1.1
Host: 9k4.2af.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://9k4.2af.mywebsitetransfer.com/n/N/login.php
Cookie: PHPSESSID=2bc8c0aea30b845cce911d9490b9d4f8
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 01:44:03 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 18 Dec 2018 21:22:52 GMT
ETag: "6a078d-1ec23-57d528002a300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20106
Keep-Alive: timeout=5
Content-Type: text/css
9k4.2af.mywebsitetransfer.com/n/N/style/js/angular.min.js
92.205.13.208 200 OK 58 kB URL HTTP/1.1 9k4.2af.mywebsitetransfer.com/n/N/style/js/angular.min.js
IP 92.205.13.208:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (566)
Hash f71784ed16e679714a4e9498b520eef2
d2a7220fe4656fe7a22a644bb62626fec2f532f5
4589752b741650baf3e46aad2f222cc0d70277e0863a9c5d6e98e6d24f07b5b5
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
fortinet Phishing
GET /n/N/style/js/angular.min.js HTTP/1.1
Host: 9k4.2af.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://9k4.2af.mywebsitetransfer.com/n/N/login.php
Cookie: PHPSESSID=2bc8c0aea30b845cce911d9490b9d4f8
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 01:44:03 GMT
Server: Apache
Last-Modified: Sun, 19 Nov 2017 15:55:28 GMT
ETag: "6a07e8-28cdb-55e57ffa93c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4353e40dea39897876467013220ab1ad
ecdbe764620d0d760f9333ff2c30d0f7d9b5d9a8
f23a16dcfff2a742fcbd5fff52cb6edcb9485eea5e732574f3124371b21abfb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F23A16DCFFF2A742FCBD5FFF52CB6EDCB9485EEA5E732574F3124371B21ABFB3"
Last-Modified: Tue, 14 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12022
Expires: Fri, 17 Mar 2023 05:04:25 GMT
Date: Fri, 17 Mar 2023 01:44:03 GMT
Connection: keep-alive
9k4.2af.mywebsitetransfer.com/n/N/style/js/jquery.min.js
92.205.13.208 200 OK 85 kB URL HTTP/1.1 9k4.2af.mywebsitetransfer.com/n/N/style/js/jquery.min.js
IP 92.205.13.208:0
ASN #21499 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash 2f9a23e70dfcf0a298778aafdbc7fb17
a6e316800d9c5fdc483efee679fc7cbdb2d81b7b
1c08dbb631b51d10900f7eb7200d59613a938df12e497bd40413e7e4641a408f
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
fortinet Phishing
GET /n/N/style/js/jquery.min.js HTTP/1.1
Host: 9k4.2af.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://9k4.2af.mywebsitetransfer.com/n/N/login.php
Cookie: PHPSESSID=2bc8c0aea30b845cce911d9490b9d4f8
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 01:44:03 GMT
Server: Apache
Last-Modified: Sun, 03 Dec 2017 16:11:38 GMT
ETag: "6a07f4-478d0-55f71db418280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
9k4.2af.mywebsitetransfer.com/n/N/style/css/FB-f-Logo__blue_57.png
92.205.13.208 200 OK 1.5 kB URL HTTP/1.1 9k4.2af.mywebsitetransfer.com/n/N/style/css/FB-f-Logo__blue_57.png
IP 92.205.13.208:0
ASN #21499 Host Europe GmbH
File type PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash a33ca47ef110b6e3ec5086b8776407d3
dff5bbbe61b4920a23fb21a7fca69ca9e94dcb6c
3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
GET /n/N/style/css/FB-f-Logo__blue_57.png HTTP/1.1
Host: 9k4.2af.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://9k4.2af.mywebsitetransfer.com/n/N/login.php
Cookie: PHPSESSID=2bc8c0aea30b845cce911d9490b9d4f8
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 01:44:03 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 21:03:56 GMT
ETag: "6a075a-5af-57d523c4ca700"
Accept-Ranges: bytes
Content-Length: 1455
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
9k4.2af.mywebsitetransfer.com/n/N/style/css/site-spinner-240-light.png
92.205.13.208 200 OK 5.1 kB URL HTTP/1.1 9k4.2af.mywebsitetransfer.com/n/N/style/css/site-spinner-240-light.png
IP 92.205.13.208:0
ASN #21499 Host Europe GmbH
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash 93ebf9e3bb5fde6c9456ca28711bfbba
006bef52015403d071a73fb6f04bd2dd98f82ebb
5a7ed665f614fe2c62e79a477715dd18c8afae67f7c580bc049e013feb2864b7
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
GET /n/N/style/css/site-spinner-240-light.png HTTP/1.1
Host: 9k4.2af.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://9k4.2af.mywebsitetransfer.com/n/N/style/css/nonechaditk.css
Cookie: PHPSESSID=2bc8c0aea30b845cce911d9490b9d4f8
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 01:44:03 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 21:13:32 GMT
ETag: "6a07e0-13e7-57d525ea1b700"
Accept-Ranges: bytes
Content-Length: 5095
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
9k4.2af.mywebsitetransfer.com/n/N/style/css/alpha_website_small.jpg
92.205.13.208 200 OK 116 kB URL HTTP/1.1 9k4.2af.mywebsitetransfer.com/n/N/style/css/alpha_website_small.jpg
IP 92.205.13.208:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1125, components 3\012- data
Size 116 kB (115912 bytes)
Hash 330f71efaf9464edb933d1d635e27dd6
3d11a19729f6fcd344df1c38f34eccfa60a6bf2d
3e379956c11b27e761265f7d50f07f680407c9bfe4b067856b9408755ec08255
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
GET /n/N/style/css/alpha_website_small.jpg HTTP/1.1
Host: 9k4.2af.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://9k4.2af.mywebsitetransfer.com/n/N/login.php
Cookie: PHPSESSID=2bc8c0aea30b845cce911d9490b9d4f8
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 01:44:03 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 20:59:02 GMT
ETag: "6a0745-1c4c8-57d522ac69180"
Accept-Ranges: bytes
Content-Length: 115912
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
9k4.2af.mywebsitetransfer.com/n/N/style/css/nf-icon-v1-93.woff
92.205.13.208 200 OK 74 kB URL HTTP/1.1 9k4.2af.mywebsitetransfer.com/n/N/style/css/nf-icon-v1-93.woff
IP 92.205.13.208:0
ASN #21499 Host Europe GmbH
File type Web Open Font Format, CFF, length 73572, version 0.0\012- data
Hash 7cf6156cc481244b5a254362d7b73f00
4391003d1cb06d2bd1921a5813a57604fa7d9935
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
fortinet Phishing
GET /n/N/style/css/nf-icon-v1-93.woff HTTP/1.1
Host: 9k4.2af.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://9k4.2af.mywebsitetransfer.com/n/N/style/css/nonechaditk.css
Cookie: PHPSESSID=2bc8c0aea30b845cce911d9490b9d4f8
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 01:44:03 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 21:12:18 GMT
ETag: "6a0786-11f64-57d525a389080"
Accept-Ranges: bytes
Content-Length: 73572
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff
push.services.mozilla.com/
44.227.71.100 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.227.71.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Dtb48owUb20tkbno178Ozg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9kbUaEtfJkJz+shi9KtMObY1//M=
9k4.2af.mywebsitetransfer.com/n/N/style/css/nficon2016.png
92.205.13.208 200 OK 1.8 kB URL HTTP/1.1 9k4.2af.mywebsitetransfer.com/n/N/style/css/nficon2016.png
IP 92.205.13.208:0
ASN #21499 Host Europe GmbH
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 3d194514babc5d7d010308a0f808ca51
867e51e9b4a474c19da52d6454076c007a9d01f2
7341f7b8b0ae3c0da4aea559efc31f0b53d9db9dd291664fdcf7d618fd95ed8a
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
GET /n/N/style/css/nficon2016.png HTTP/1.1
Host: 9k4.2af.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://9k4.2af.mywebsitetransfer.com/n/N/login.php
Cookie: PHPSESSID=2bc8c0aea30b845cce911d9490b9d4f8
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 01:44:03 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 20:48:58 GMT
ETag: "6a0789-6db-57d5206c64280"
Accept-Ranges: bytes
Content-Length: 1755
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
9k4.2af.mywebsitetransfer.com/n/N/style/css/nficon2016.ico
92.205.13.208 200 OK 17 kB URL HTTP/1.1 9k4.2af.mywebsitetransfer.com/n/N/style/css/nficon2016.ico
IP 92.205.13.208:0
ASN #21499 Host Europe GmbH
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash 41b45fdce09bd6acd07c7a8949da675e
931e18dfc6e7d950dc2f2bbdfe31e1ea720acf7c
abe8012eb65c0dc0ac3e87dcc1e60e1908ebd8f12b7c47a5df1856f7a7bb1edd
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
urlquery phishing Phishing - Netflix
fortinet Phishing
GET /n/N/style/css/nficon2016.ico HTTP/1.1
Host: 9k4.2af.mywebsitetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://9k4.2af.mywebsitetransfer.com/n/N/login.php
Cookie: PHPSESSID=2bc8c0aea30b845cce911d9490b9d4f8
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 01:44:03 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 20:48:50 GMT
ETag: "6a0788-423e-57d52064c3080"
Accept-Ranges: bytes
Content-Length: 16958
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/x-icon
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3936
Expires: Fri, 17 Mar 2023 02:49:41 GMT
Date: Fri, 17 Mar 2023 01:44:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3936
Expires: Fri, 17 Mar 2023 02:49:41 GMT
Date: Fri, 17 Mar 2023 01:44:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3936
Expires: Fri, 17 Mar 2023 02:49:41 GMT
Date: Fri, 17 Mar 2023 01:44:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3936
Expires: Fri, 17 Mar 2023 02:49:41 GMT
Date: Fri, 17 Mar 2023 01:44:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3936
Expires: Fri, 17 Mar 2023 02:49:41 GMT
Date: Fri, 17 Mar 2023 01:44:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafa24301-1030-4c4f-989c-e2b17d183b89.webp
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafa24301-1030-4c4f-989c-e2b17d183b89.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 558d071f9fca9b78c603772983479a2e
d3e35ffefb1fb7463f0f4eedd6a83577dc73523a
03a98d89ba218aead77e6c2470bc74840b05515e9e6c14cad12ae952974a845d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafa24301-1030-4c4f-989c-e2b17d183b89.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5823
x-amzn-requestid: e80767f3-f9d5-4617-841c-0ff537e127f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B2oz2EdsIAMFVIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64128818-1ac71964287b5c9431cb9264;Sampled=0
x-amzn-remapped-date: Thu, 16 Mar 2023 03:08:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: keOsHwiwcFq-5XxhTXRqI2gqQiYbjcD5l6q8NhDK6imyZd9Mvp6DtQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 6bdc2963c9ed59b475ec36c35e5932a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 03:45:18 GMT
age: 79127
etag: "d3e35ffefb1fb7463f0f4eedd6a83577dc73523a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10addb30-9797-4bfb-ab40-27590dcd8a0c.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10addb30-9797-4bfb-ab40-27590dcd8a0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8d0d0c23818e0992d7081d19d86d752a
5f96d26521f4db9c8858b72d5c60f5b06fd0bba1
092427d520bfea7cf5cac7f160624001496ad5f54e8c8554a1c8aea942a7db87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10addb30-9797-4bfb-ab40-27590dcd8a0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: 56a9e84e-6436-4726-a8b3-efc08485eb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BmtHXG6IIAMFRTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640c2895-6dc08086321fb6c016eb88e9;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 07:07:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: SDQGfzJOO-MuuJXlOI2vqvE8pgmDt0NOGI6aDLPTvG78ZWaXxM-mGg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ea699166e6ec77aa410ff505b0a8ce18.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 22:00:08 GMT
age: 13437
etag: "5f96d26521f4db9c8858b72d5c60f5b06fd0bba1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5c296bb-3841-4482-a804-5e524806dd03.webp
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5c296bb-3841-4482-a804-5e524806dd03.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 012b5e6cd88d0497b761a245ce487f07
17478cb0258bb4336bc243eef4a18dd0100406d6
a064f711081abae13347e0883214e7b2cdbcf78404256af5f932ae5f6e8df13f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5c296bb-3841-4482-a804-5e524806dd03.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8814
x-amzn-requestid: 0b64a3d4-d65b-48a2-b837-a48db73ccf71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BwnF3HOQoAMFUfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64101ef2-073249406552fbe458b8d1a2;Sampled=0
x-amzn-remapped-date: Tue, 14 Mar 2023 07:14:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: TevJBwo0tP7-zHb5PIWiC4ao-epZmB-r8wp3I18PJPdqSjYpFcHa1Q==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 22:04:55 GMT
etag: "17478cb0258bb4336bc243eef4a18dd0100406d6"
content-type: image/jpeg
age: 13150
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be71491cee9b47dc3ffb23b4fdff25b3
79c7d22c8df6d305f46c5779ccb9f25169d4d111
e785896e5840fb901ddd0118bef3ccad6b59a96d8eef0e8ccd9c95a3c261ba45
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8487
x-amzn-requestid: 92381f1a-0140-47e9-a971-594a7de36c3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BkEcBGizoAMFgOA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640b1ab3-1a54b65a5d7083e62dcb85ab;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 11:55:31 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Nn4eV-UeuWZ02ANOxzTUSgE4UODtaZxeIjp8UJfU8PgUny2shFaDjQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 22:00:53 GMT
age: 13392
etag: "79c7d22c8df6d305f46c5779ccb9f25169d4d111"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6272d07-0ccd-41ba-a86f-72932f0783bd.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6272d07-0ccd-41ba-a86f-72932f0783bd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05b82ec8d7e99e9499e8b5a980008c60
280fe711e384d60749c6225ddcc7f57c48845719
305b82d6aa40f5af58100de5007ac484c73c0a49ab7c5715b8ab6e83e10270f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6272d07-0ccd-41ba-a86f-72932f0783bd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5828
x-amzn-requestid: d366481c-e7c3-4cc5-b3da-c7c4b22f320a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B5KlrFegIAMFa8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64138af0-1c7c39d05a6b31ed1ddcb409;Sampled=0
x-amzn-remapped-date: Thu, 16 Mar 2023 21:32:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: WWj5PE-SRteLqD_zUeyBBarnrGodgVs_FuEh3pqlu8NmuSXEKbtJiA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 21:49:59 GMT
etag: "280fe711e384d60749c6225ddcc7f57c48845719"
content-type: image/jpeg
age: 14046
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99264f35-8d47-4d60-9c51-98d24487ff9d.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99264f35-8d47-4d60-9c51-98d24487ff9d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bc10f94b93a5d54e2b83ad4bd055f927
3a3f0aaefa0b33ba84fe1d3ecd03d435ebefa0a8
973f1406e6610c95168e736977767dfc4cb9d604979492e2f5ca1a7fc24ecf40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99264f35-8d47-4d60-9c51-98d24487ff9d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4511
x-amzn-requestid: 0105617d-6e81-4536-ab5b-c55fee3c0739
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bz5HaFKgoAMFlog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64116efb-19306eb33e7380d2323c65ff;Sampled=0
x-amzn-remapped-date: Wed, 15 Mar 2023 07:08:43 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: CuhOQLqC55P8LXnjVQLGL-mCGaLuqIe-WQct4I5Y1_m816DYU4c4Fg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 07:30:30 GMT
age: 65615
etag: "3a3f0aaefa0b33ba84fe1d3ecd03d435ebefa0a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32661b66-c29d-4fb2-8a6d-e8d32af65c0c.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32661b66-c29d-4fb2-8a6d-e8d32af65c0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b237b4b09287ed50ed4b41b5a4bfb339
5114fb56e5d9847562d2c493dbe684ee1057ffba
a78555499f140649e47a5c0a561f36a8002abbceb2ab13189e91faefa6dd298c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32661b66-c29d-4fb2-8a6d-e8d32af65c0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6291
x-amzn-requestid: 862f541b-8662-40fd-948b-81f454101a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BuAzzFL6oAMFuZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f14e4-337ab28f5f932a4c050a691d;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 12:19:48 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: -r-kQBuxzGLlPe15PBUIOxhCSiYdWXVxK_nFS3wEr08Sy72W02ohsQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 22:36:10 GMT
age: 11281
etag: "5114fb56e5d9847562d2c493dbe684ee1057ffba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2