urlquery - report: renox.lol/kayla/panel/login.php

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
r3.o.lencr.org (5)	344	2020-12-02 08:52:13 UTC	2022-09-13 04:56:58 UTC	23.33.119.27
use.fontawesome.com (2)	942	2017-01-30 04:43:25 UTC	2022-09-13 04:59:04 UTC	104.21.63.54
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-09-13 05:09:29 UTC	35.161.230.192
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-09-13 18:38:51 UTC	143.204.55.27
renox.lol (3)	0	2022-05-20 04:43:15 UTC	2022-09-13 21:56:14 UTC	192.187.112.99	Unknown ranking
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-09-13 05:25:58 UTC	143.204.55.35
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-09-13 04:58:37 UTC	34.117.237.239
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2022-09-13 16:17:30 UTC	93.184.220.29
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-09-13 12:32:54 UTC	34.120.237.76

Scan Date	Severity	Indicator	Comment
2022-09-13	2	renox.lol/kayla/panel/login.php	Malware
2022-09-13	2	renox.lol/cgi-sys/suspendedpage.cgi	Malware

Scan Date	Severity	Indicator	Comment
2022-09-13	2	renox.lol	Sinkholed
2022-09-13	2	renox.lol	Sinkholed
2022-09-13	2	renox.lol	Sinkholed

Date	UQ / IDS / BL	URL	IP
2022-10-13 00:56:28 +0000	0 - 0 - 5	renox.lol/panel/login.php	192.187.112.99
2022-10-13 00:56:06 +0000	0 - 0 - 5	renox.lol/popa/panel/login.php	192.187.112.99
2022-10-12 00:18:24 +0000	0 - 0 - 5	renox.lol/kayla/panel/login.php	192.187.112.99
2022-10-12 00:18:18 +0000	0 - 0 - 5	renox.lol/kayla/panel/login.php	192.187.112.99
2022-10-12 00:18:12 +0000	0 - 0 - 5	renox.lol/panel/login.php	192.187.112.99

Date	UQ / IDS / BL	URL	IP
2023-03-28 15:00:03 +0000	0 - 2 - 0	unisapp.xp3.biz/app/	142.54.187.20
2023-03-27 23:03:44 +0000	0 - 0 - 0	marriottsvacations.com	63.141.242.44
2023-03-27 21:58:42 +0000	0 - 0 - 0	wntheworld.com	192.187.111.222
2023-03-27 18:22:31 +0000	0 - 1 - 0	fqwlaa.fhostfmo.xyz	107.150.38.189
2023-03-27 16:25:43 +0000	0 - 2 - 0	bikiniseason1.dynserv.org/	74.91.17.25

Date	UQ / IDS / BL	URL	IP
2022-10-13 00:56:28 +0000	0 - 0 - 5	renox.lol/panel/login.php	192.187.112.99
2022-10-13 00:56:06 +0000	0 - 0 - 5	renox.lol/popa/panel/login.php	192.187.112.99
2022-10-12 00:18:24 +0000	0 - 0 - 5	renox.lol/kayla/panel/login.php	192.187.112.99
2022-10-12 00:18:18 +0000	0 - 0 - 5	renox.lol/kayla/panel/login.php	192.187.112.99
2022-10-12 00:18:12 +0000	0 - 0 - 5	renox.lol/panel/login.php	192.187.112.99

Date	UQ / IDS / BL	URL	IP
2022-10-13 00:56:28 +0000	0 - 0 - 5	renox.lol/panel/login.php	192.187.112.99
2022-10-13 00:56:06 +0000	0 - 0 - 5	renox.lol/popa/panel/login.php	192.187.112.99
2022-10-12 00:18:24 +0000	0 - 0 - 5	renox.lol/kayla/panel/login.php	192.187.112.99
2022-10-12 00:18:18 +0000	0 - 0 - 5	renox.lol/kayla/panel/login.php	192.187.112.99
2022-10-12 00:18:12 +0000	0 - 0 - 5	renox.lol/panel/login.php	192.187.112.99

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Tue, 13 Sep 2022 21:08:54 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: iAzOXeEtYyWbVqCsmW-LqFemMVjiXIHnRPYyr_JregQYZjXWYOyDuw== Age: 2884 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /kayla/panel/login.php HTTP/1.1 Host: renox.lol User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: renox.lol/kayla/panel/login.php FQDN: renox.lol IP: 192.187.112.99 HASH: d68dc138bd1928d10ecc74a0251f33c74fdd3d0f6283ec343119edecec1807da 192.187.112.99 HTTP/1.1 302 Found Content-Type: text/html; charset=iso-8859-1 Date: Tue, 13 Sep 2022 21:56:58 GMT Server: Apache Location: http://renox.lol/cgi-sys/suspendedpage.cgi Content-Length: 226 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 226 Md5: 7fcc54f9c082baf6d9e741fce6c343cf Sha1: 3b53f6592322988705d984408145919f7f82d5ba Sha256: d68dc138bd1928d10ecc74a0251f33c74fdd3d0f6283ec343119edecec1807da Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD" Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10421 Expires: Wed, 14 Sep 2022 00:50:39 GMT Date: Tue, 13 Sep 2022 21:56:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: be88d3e043e3b95b52e41812e50fb634 Sha1: 0318ba1ce487817ea7cba61dd9413bed29213800 Sha256: b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.35 HASH: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345 143.204.55.35 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sat, 20 Aug 2022 23:18:05 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Tue, 13 Sep 2022 07:17:13 GMT etag: "742edb4038f38bc533514982f3d2e861" x-cache: Hit from cloudfront via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 34PYqb-0ag9FpEHs1wjPIRXu3GOjwM1ZAyiRNwv9OqTcmuES31q6Uw== age: 62504 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 742edb4038f38bc533514982f3d2e861 Sha1: cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /cgi-sys/suspendedpage.cgi HTTP/1.1 Host: renox.lol User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: renox.lol/cgi-sys/suspendedpage.cgi FQDN: renox.lol IP: 192.187.112.99 HASH: 96db19b43c174f61cbccc7047ed46277300079c47958b503cf91f20b722bd65b 192.187.112.99 HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 13 Sep 2022 21:56:59 GMT Server: Apache Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4070), with CRLF line terminators Size: 7730 Md5: abc85df3b11943c082eabec9e4b8d63b Sha1: b9a915bff2b195b465fa8d2e0a2c585953783540 Sha256: 96db19b43c174f61cbccc7047ed46277300079c47958b503cf91f20b722bd65b Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 13 Sep 2022 21:56:59 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /releases/v5.0.6/css/all.css HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://renox.lol/	URL: use.fontawesome.com/releases/v5.0.6/css/all.css FQDN: use.fontawesome.com IP: 104.21.63.54 HASH: 984600f8404a2812e9655ee8f5fc6883c1abf8e52eab0923baa5ebd8bb45b712 104.21.63.54 HTTP/1.1 200 OK Content-Type: text/css Date: Tue, 13 Sep 2022 21:56:59 GMT Transfer-Encoding: chunked Connection: keep-alive x-amz-id-2: kolV4J3F+xkkhQ14Qo6NDLGtxU6eYIYyMxT3B8LQiyGaHOBuK4GeVd9tlHs5Z99VLwlwXMVrHEc= x-amz-request-id: F06F1PVA2VMKCA6V Last-Modified: Wed, 30 Jun 2021 15:27:49 GMT ETag: W/"42eaa52604673b64d6b356c2fd7f87e3" Cache-Control: max-age=31556926 CF-Cache-Status: HIT Age: 517703 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3I6q0cT5%2FNBrWv%2B6biOOcQCPA4Z4tDIYQkRLvCG5atKjkWUcCPPEbDXWsEq6%2BhF42mX%2FQHo3VhYQXNj2N308vTdudc4ptgBzMR3SpObT9%2B8lR2%2BxMmqyTyJYi45fp4TzqhsbKwk"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 74a422cdedbe1c06-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: ASCII text, with very long lines (34556) Size: 7532 Md5: e968798a6e6b5d8c0d1a0b3dd562e8b1 Sha1: d5fc0ab33b1db7ccc960a222dfa28d850fcc150d Sha256: 984600f8404a2812e9655ee8f5fc6883c1abf8e52eab0923baa5ebd8bb45b712
GET /releases/v5.0.6/webfonts/fa-solid-900.woff2 HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://renox.lol Connection: keep-alive Referer: http://use.fontawesome.com/	URL: use.fontawesome.com/releases/v5.0.6/webfonts/fa-solid-9 (...) FQDN: use.fontawesome.com IP: 104.21.63.54 HASH: 62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56 104.21.63.54 HTTP/1.1 200 OK Content-Type: application/font-woff2 Date: Tue, 13 Sep 2022 21:56:59 GMT Content-Length: 38784 Connection: keep-alive x-amz-id-2: 479LJrOzlQBYOlVUDiU7R61BNfGZYoGlXyzN2VNUILgYa2z583M5lFWH7sU3wwLIeXkFTORXVxU= x-amz-request-id: EHFS57ZQ3ZPN1Y98 Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Max-Age: 3000 Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding Last-Modified: Wed, 30 Jun 2021 15:27:50 GMT ETag: "f9b85c9463af7103b9b24bbbf09a06ed" Cache-Control: max-age=31556926 CF-Cache-Status: HIT Age: 343226 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHgsCh1kQe1DMSjiIqWnJxUFWEhESfRkOCJI58KE9emOktHb3OE0NbUM%2BpoGmyEIIZ7pKW8S9xX%2BCB48gd8TIFCmCqo%2BCGCX6XZQ8jGaCqlcHpomdobsSK0B49%2Fmmvxf2o69BpMR"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 74a422ce8f8bfabc-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 38784, version 1.0\012- data Size: 38784 Md5: f9b85c9463af7103b9b24bbbf09a06ed Sha1: d28d7222bcbeb8ea701a771e85f7efe006e62fb1 Sha256: 62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56
GET /favicon.ico HTTP/1.1 Host: renox.lol User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://renox.lol/cgi-sys/suspendedpage.cgi	URL: renox.lol/favicon.ico FQDN: renox.lol IP: 192.187.112.99 HASH: d68dc138bd1928d10ecc74a0251f33c74fdd3d0f6283ec343119edecec1807da 192.187.112.99 HTTP/1.1 302 Found Content-Type: text/html; charset=iso-8859-1 Date: Tue, 13 Sep 2022 21:56:59 GMT Server: Apache Location: http://renox.lol/cgi-sys/suspendedpage.cgi Content-Length: 226 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 226 Md5: 7fcc54f9c082baf6d9e741fce6c343cf Sha1: 3b53f6592322988705d984408145919f7f82d5ba Sha256: d68dc138bd1928d10ecc74a0251f33c74fdd3d0f6283ec343119edecec1807da Alerts: Blocklists: - mnemonic_dns: Sinkholed
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600 Date: Tue, 13 Sep 2022 21:03:22 GMT Expires: Tue, 13 Sep 2022 21:52:29 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: PwAHcNtcHp-SPgycm7Ar2Uxz4myMLu8Vpolzh8iTum_Me-tR_cKVdA== Age: 3217 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5203 Cache-Control: 'max-age=158059' Date: Tue, 13 Sep 2022 21:56:59 GMT Last-Modified: Tue, 13 Sep 2022 20:30:16 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: e96dbe1b54932c8f447bbbfc9d31cfb0 Sha1: b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd Sha256: 427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: cam+RZ/0Pdh89KBc6BJOWw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.161.230.192 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.161.230.192 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: OsrF1B/jpx+FDNlbH9UyvsqPDgs= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D" Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12490 Expires: Wed, 14 Sep 2022 01:25:11 GMT Date: Tue, 13 Sep 2022 21:57:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: fe792a43fbfd72d158215bb5fa087c19 Sha1: 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 Sha256: ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D" Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12490 Expires: Wed, 14 Sep 2022 01:25:11 GMT Date: Tue, 13 Sep 2022 21:57:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: fe792a43fbfd72d158215bb5fa087c19 Sha1: 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 Sha256: ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D" Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12490 Expires: Wed, 14 Sep 2022 01:25:11 GMT Date: Tue, 13 Sep 2022 21:57:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: fe792a43fbfd72d158215bb5fa087c19 Sha1: 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 Sha256: ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D" Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12490 Expires: Wed, 14 Sep 2022 01:25:11 GMT Date: Tue, 13 Sep 2022 21:57:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: fe792a43fbfd72d158215bb5fa087c19 Sha1: 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 Sha256: ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4d79c7830caa73b921d6abaa97771ab1f4dc8fd709597f01ba04c268c03b6157 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10407 x-amzn-requestid: 85df5ad9-f229-4d33-90b9-5dd28c77578a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YH396F2SIAMFnGA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63196d25-3ee08f1e27cd37e96dba0f40;Sampled=0 x-amzn-remapped-date: Thu, 08 Sep 2022 04:18:45 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Oep2UJdadBnTBuCy7CexUcezT0cCvm_9hroZnV-UrC9lQQxwUc4rkw== via: 1.1 07c02ae6c53d85283eb15380264d9998.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google date: Tue, 13 Sep 2022 06:18:57 GMT age: 56284 etag: "ad627b434e1c3b693d8636675bcea0f8794e0dc2" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10407 Md5: 557695ec8ffeebb0272c099542a14ace Sha1: ad627b434e1c3b693d8636675bcea0f8794e0dc2 Sha256: 4d79c7830caa73b921d6abaa97771ab1f4dc8fd709597f01ba04c268c03b6157
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8799 x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YUI-0G6vIAMFgbA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0 x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ== via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google date: Tue, 13 Sep 2022 21:41:55 GMT age: 906 etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8799 Md5: c14088c4ca0d576e087feed41b7f1565 Sha1: 172b23f2ef39b6c3fdebb5441b10a95712206d0a Sha256: 2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9466 x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YOTeoHMKoAMFr5Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0 x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT x-amz-cf-pop: SEA73-P2 x-cache: Hit from cloudfront x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google date: Tue, 13 Sep 2022 04:49:30 GMT age: 61651 etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9466 Md5: 6174529fff57758e958da5432344962f Sha1: 05ec2076b32398d60ee77fab8c14345bc7dfe647 Sha256: 65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9815 x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YUIxnEAjoAMF_Ig= x-content-type-options: nosniff x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0 x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: PWOeca9JRnIgEymeLVyqTBucBJ0j6OS9Rmqwd4CcAKixqo0zvb452w== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google date: Tue, 13 Sep 2022 21:48:18 GMT age: 523 etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9815 Md5: 239262b6ab17cb19414c35cd4f761092 Sha1: 48eddcf9838e980e67cc8f9cbb05b475df2f0331 Sha256: cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9945 x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YXcX8HAKoAMF5EQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0 x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: eX23PaCAomr6VAV9ZbI5zgphphhjNOYOgVQ8ky8Xqg8ITHDwJnQ_HQ== via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google date: Tue, 13 Sep 2022 21:42:21 GMT age: 880 etag: "744fee4a0baa22ba3aa352d60620a916972b47dd" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9945 Md5: c9ab2ec10c79b91d15edb1d1e3dc763c Sha1: 744fee4a0baa22ba3aa352d60620a916972b47dd Sha256: f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10849 x-amzn-requestid: bc2a9e2a-373d-4f1e-9556-ef15b7912206 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YXcwnFRLoAMFnVQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-631fa803-38fbde8e60f3662504591c64;Sampled=0 x-amzn-remapped-date: Mon, 12 Sep 2022 21:43:31 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: CH1PWFGKKehKvQj-BvGVPngiQy4M1DwxqLyhDSugw00b_1aCkV4Cqg== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google date: Tue, 13 Sep 2022 21:42:21 GMT age: 880 etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10849 Md5: 838f709437b2dfbede4ee15307afe217 Sha1: 2ab2ee20e720b78be6deb55f967ac0d8b7dad048 Sha256: a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.35

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
content-length: 5348 

                                        
                                            
last-modified: Sat, 20 Aug 2022 23:18:05 GMT 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Tue, 13 Sep 2022 07:17:13 GMT 

                                        
                                            
etag: "742edb4038f38bc533514982f3d2e861" 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-C1 

                                        
                                            
x-amz-cf-id: 34PYqb-0ag9FpEHs1wjPIRXu3GOjwM1ZAyiRNwv9OqTcmuES31q6Uw== 

                                        
                                            
age: 62504 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    742edb4038f38bc533514982f3d2e861

                                                Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1

                                                Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 13 Sep 2022 21:56:59 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            GET /releases/v5.0.6/webfonts/fa-solid-900.woff2 HTTP/1.1 

                                        
                                            
Host: use.fontawesome.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: http://renox.lol 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://use.fontawesome.com/

                                         104.21.63.54

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/font-woff2

                                        

                                        
                                            
Date: Tue, 13 Sep 2022 21:56:59 GMT 

                                        
                                            
Content-Length: 38784 

                                        
                                            
Connection: keep-alive 

                                        
                                            
x-amz-id-2: 479LJrOzlQBYOlVUDiU7R61BNfGZYoGlXyzN2VNUILgYa2z583M5lFWH7sU3wwLIeXkFTORXVxU= 

                                        
                                            
x-amz-request-id: EHFS57ZQ3ZPN1Y98 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Allow-Methods: GET 

                                        
                                            
Access-Control-Max-Age: 3000 

                                        
                                            
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding 

                                        
                                            
Last-Modified: Wed, 30 Jun 2021 15:27:50 GMT 

                                        
                                            
ETag: "f9b85c9463af7103b9b24bbbf09a06ed" 

                                        
                                            
Cache-Control: max-age=31556926 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 343226 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHgsCh1kQe1DMSjiIqWnJxUFWEhESfRkOCJI58KE9emOktHb3OE0NbUM%2BpoGmyEIIZ7pKW8S9xX%2BCB48gd8TIFCmCqo%2BCGCX6XZQ8jGaCqlcHpomdobsSK0B49%2Fmmvxf2o69BpMR"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 74a422ce8f8bfabc-OSL 

                                        
                                            
alt-svc: h2=":443"; ma=60 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 38784, version 1.0\012- data

                                                Size:   38784

                                                Md5:    f9b85c9463af7103b9b24bbbf09a06ed

                                                Sha1:   d28d7222bcbeb8ea701a771e85f7efe006e62fb1

                                                Sha256: 62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 329 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Date: Tue, 13 Sep 2022 21:03:22 GMT 

                                        
                                            
Expires: Tue, 13 Sep 2022 21:52:29 GMT 

                                        
                                            
ETag: "1648230346554" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: PwAHcNtcHp-SPgycm7Ar2Uxz4myMLu8Vpolzh8iTum_Me-tR_cKVdA== 

                                        
                                            
Age: 3217 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: cam+RZ/0Pdh89KBc6BJOWw== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         35.161.230.192

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: OsrF1B/jpx+FDNlbH9UyvsqPDgs= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.33.119.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D" 

                                        
                                            
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=12490 

                                        
                                            
Expires: Wed, 14 Sep 2022 01:25:11 GMT 

                                        
                                            
Date: Tue, 13 Sep 2022 21:57:01 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    fe792a43fbfd72d158215bb5fa087c19

                                                Sha1:   5b28cebdebfdd33871fa4982f39a89f5ce3cbf99

                                                Sha256: ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.33.119.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D" 

                                        
                                            
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=12490 

                                        
                                            
Expires: Wed, 14 Sep 2022 01:25:11 GMT 

                                        
                                            
Date: Tue, 13 Sep 2022 21:57:01 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    fe792a43fbfd72d158215bb5fa087c19

                                                Sha1:   5b28cebdebfdd33871fa4982f39a89f5ce3cbf99

                                                Sha256: ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8799 

                                        
                                            
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: YUI-0G6vIAMFgbA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ== 

                                        
                                            
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 13 Sep 2022 21:41:55 GMT 

                                        
                                            
age: 906 

                                        
                                            
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8799

                                                Md5:    c14088c4ca0d576e087feed41b7f1565

                                                Sha1:   172b23f2ef39b6c3fdebb5441b10a95712206d0a

                                                Sha256: 2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9815 

                                        
                                            
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: YUIxnEAjoAMF_Ig= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: PWOeca9JRnIgEymeLVyqTBucBJ0j6OS9Rmqwd4CcAKixqo0zvb452w== 

                                        
                                            
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 13 Sep 2022 21:48:18 GMT 

                                        
                                            
age: 523 

                                        
                                            
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9815

                                                Md5:    239262b6ab17cb19414c35cd4f761092

                                                Sha1:   48eddcf9838e980e67cc8f9cbb05b475df2f0331

                                                Sha256: cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10849 

                                        
                                            
x-amzn-requestid: bc2a9e2a-373d-4f1e-9556-ef15b7912206 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: YXcwnFRLoAMFnVQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-631fa803-38fbde8e60f3662504591c64;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Mon, 12 Sep 2022 21:43:31 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: CH1PWFGKKehKvQj-BvGVPngiQy4M1DwxqLyhDSugw00b_1aCkV4Cqg== 

                                        
                                            
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 13 Sep 2022 21:42:21 GMT 

                                        
                                            
age: 880 

                                        
                                            
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10849

                                                Md5:    838f709437b2dfbede4ee15307afe217

                                                Sha1:   2ab2ee20e720b78be6deb55f967ac0d8b7dad048

                                                Sha256: a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba

URL	renox.lol/kayla/panel/login.php
IP	192.187.112.99 (United States)
ASN	#33387 NOCIX
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-09-13 21:57:09 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	5
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (9)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 192.187.112.99

Last 5 reports on ASN: NOCIX

Last 5 reports on domain: renox.lol

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (22)

Overview

Domain Summary (9)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 192.187.112.99

Last 5 reports on ASN: NOCIX

Last 5 reports on domain: renox.lol

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (22)

Network Intrusion Detection Systems