Report - f003.backblazeb2.com/file/parisians-unextenuable-unfuturistic/index.html

Report Overview

URL

f003.backblazeb2.com/file/parisians-unextenuable-unfuturistic/index.html
IP

45.11.36.16

ASN

#40401 BACKBLAZE
Submitted

2023-02-08T21:57:41Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

4

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
static.cimcontent.net (4)	19912	2018-06-07T00:15:44Z	2023-03-12T19:31:46Z	1816	307463	95.101.93.229
airforservice.com (4)	unknown	2022-12-05T19:11:48Z	2023-02-16T01:23:22Z	1720	30910	104.21.40.207
gum.criteo.com (1)	381	2015-01-22T11:58:57Z	2023-03-13T07:21:44Z	525	5706	178.250.0.157
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333	391	34.117.237.239
acdn.adnxs.com (1)	573	2015-11-11T14:40:40Z	2023-03-13T07:55:59Z	365	33772	151.101.129.108
aax-dtb-cf.amazon-adsystem.com (1)	unknown	2022-06-17T12:06:30Z	2023-03-13T05:32:11Z	705	671	54.230.241.131
ag.gbc.criteo.com (1)	5925	2018-12-17T14:17:41Z	2023-03-13T05:53:12Z	386	551	185.235.84.78
f003.backblazeb2.com (6)	385817	2019-07-22T13:51:31Z	2023-03-11T01:21:12Z	2972	235790	45.11.36.16
e.serverbid.com (1)	2759	2017-05-15T22:20:59Z	2023-03-13T03:48:07Z	444	320	159.89.246.130
bidder.criteo.com (1)	750	2017-01-30T06:01:16Z	2023-03-13T05:46:10Z	488	460	178.250.1.8
dl.cws.xfinity.com (8)	25997	2017-07-25T00:51:42Z	2023-03-12T19:31:47Z	3806	7014	184.86.58.27
ocsp.digicert.com (9)	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	3069	4988	93.184.220.29
comcast-d.openx.net (1)	30392	2017-01-31T21:10:40Z	2023-02-08T22:57:31Z	729	589	34.98.64.218
dnacdn.net (1)	3760	2019-09-02T17:07:45Z	2023-03-13T07:41:37Z	513	1152	178.250.2.146
static.criteo.net (2)	652	2012-05-22T19:01:05Z	2023-03-13T07:30:11Z	806	894	178.250.0.130
ajax.googleapis.com (1)	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	396	31382	216.58.207.202
status.geotrust.com (2)	3662	2017-12-01T09:55:31Z	2023-03-13T05:14:41Z	686	1534	93.184.220.29
fastlane.rubiconproject.com (1)	459	2017-01-30T05:49:40Z	2023-03-13T05:36:39Z	790	1141	213.19.162.51
ocsp.pki.goog (2)	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	686	1398	142.250.74.163
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413	5843	34.160.144.191
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3246	64124	34.120.237.76
ib.adnxs.com (1)	241	2012-05-20T21:01:49Z	2023-03-13T05:28:06Z	440	860	37.252.171.149
gem.gbc.criteo.com (1)	6039	2019-01-31T11:05:09Z	2023-03-13T05:34:09Z	387	492	178.250.6.217
r3.o.lencr.org (9)	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3042	7978	23.36.77.32
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606	127	44.240.124.200
c.amazon-adsystem.com (2)	300	2012-05-22T23:02:12Z	2023-03-13T05:21:15Z	847	48720	54.230.111.210
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782	2373	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-08	medium	airforservice.com/email-list/xfinitydcnjdf/static/css/junket/fonts-remote.min8455.css?v=9e94929	Phishing
2023-02-08	medium	airforservice.com/email-list/xfinitydcnjdf/static/js/vm-login-form-ad.js	Phishing
2023-02-08	medium	airforservice.com/email-list/xfinitydcnjdf/static/js/comcast-common.js	Phishing
2023-02-08	medium	airforservice.com/email-list/xfinitydcnjdf/static/css/junket/styles-light.min8455.css?v=9e94929	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (71)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

dca68db7aea32f6683ce8d542c078f04

19c495238df74fca680e21f18627ff94de5dd2e5

35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16149
Expires: Thu, 09 Feb 2023 02:26:39 GMT
Date: Wed, 08 Feb 2023 21:57:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

cc14b0d2f7c451f6431dc87ba54d1d60

bab8bfda6fa3e2f17125353f5147211787dc25d0

b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14318
Expires: Thu, 09 Feb 2023 01:56:08 GMT
Date: Wed, 08 Feb 2023 21:57:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

e69dae61eb51650e64bc84361ee44207

027a271b2fbddbe6eb089a57ef30039c68db74f4

9cc137a7846e60c1ba5f8443731d53f33cb094848d1480237e8ffb185fc22dac

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9CC137A7846E60C1BA5F8443731D53F33CB094848D1480237E8FFB185FC22DAC"
Last-Modified: Wed, 08 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7783
Expires: Thu, 09 Feb 2023 00:07:13 GMT
Date: Wed, 08 Feb 2023 21:57:30 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

e76071a28ee566dababb3834f46d68ed

aebb4e68c1ba2de0f90025283e8ed8470944fde0

78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: yHirCzDNevTsxCw9MuBSCqG0p9uqtF0TwywwakYqsOpkpXgTZqa8ktmkmgDFuEq4mNLfXZBV5rY=
x-amz-request-id: 2KDPBNEGR57EJ1TJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 21:46:07 GMT
age: 683
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 21:57:30 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

f003.backblazeb2.com/file/parisians-unextenuable-unfuturistic/index.html

45.11.36.16

200

77882

URL HTTP/1.1

f003.backblazeb2.com/file/parisians-unextenuable-unfuturistic/index.html
IP

45.11.36.16:0
ASN

#40401 BACKBLAZE

Magic

HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators

Size

77882
Hash

092ff4c1bb00767b1181b415314078eb

24c357a9352bbbd99ee8643d8a6743b9f5557319

06d704e2e42a068cfa9a3dd0cf95d80e6b084f792e8de4e83afcd65f94a4506e

HTTP Headers

                                        GET /file/parisians-unextenuable-unfuturistic/index.html HTTP/1.1
Host: f003.backblazeb2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 
x-bz-file-name: index.html
x-bz-file-id: 4_z253eb5e4d6fb238785670413_f101f65d1ae781d99_d20230206_m223640_c003_v0312005_t0023_u01675723000454
x-bz-content-sha1: 24c357a9352bbbd99ee8643d8a6743b9f5557319
X-Bz-Upload-Timestamp: 1675723000454
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 77882
Date: Wed, 08 Feb 2023 21:57:30 GMT
Keep-Alive: timeout=5
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

565c1bbc5c1c40be1988b3bf6fd9dc1a

cfdba5bc597130461dd67bf6cda53183be592493

60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12368
Expires: Thu, 09 Feb 2023 01:23:38 GMT
Date: Wed, 08 Feb 2023 21:57:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

565c1bbc5c1c40be1988b3bf6fd9dc1a

cfdba5bc597130461dd67bf6cda53183be592493

60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12368
Expires: Thu, 09 Feb 2023 01:23:38 GMT
Date: Wed, 08 Feb 2023 21:57:30 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

ff250d3ef3fa45322bf05039a0122a9f

b3e7a2c383bce1bab807dbe1a03c375258b51f1d

d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 21:34:13 GMT
content-type: application/json
age: 1397
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

f003.backblazeb2.com/file/assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js

45.11.36.16

404

URL HTTP/1.1

f003.backblazeb2.com/file/assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
IP

45.11.36.16:0
ASN

#40401 BACKBLAZE

Magic

JSON data\012- , ASCII text

Size

96
Hash

de269e70858e424897b6133a6b894025

8dd6d21b737da6e27a1dccf9b19b8c7680d7588c

c1b0bd344ceec5711ef268417f8cf06edfa7ec8ff24bb3da6d449d29a6640692

HTTP Headers

                                        GET /file/assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js HTTP/1.1
Host: f003.backblazeb2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f003.backblazeb2.com/file/parisians-unextenuable-unfuturistic/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 404 
Cache-Control: max-age=0, no-cache, no-store
Content-Type: application/json;charset=utf-8
Content-Length: 96
Date: Wed, 08 Feb 2023 21:57:30 GMT
Keep-Alive: timeout=5
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.163:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

0333fa3e34f17f01e9829bd8ee662c23

be4c7a8599038facc49c73d6d14451023bc919e7

8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:57:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

216.58.207.202

200 OK

30399

URL HTTP/2

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP

216.58.207.202:0
ASN

#15169 GOOGLE

Magic

ASCII text, with very long lines (65451)

Size

30399
Hash

0f83cadc148d2ad7e53c91f6c4ee05bb

90035c5fffedf4b0f099465f6b929a030b46c92b

3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae

HTTP Headers

                                        GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f003.backblazeb2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 19:19:40 GMT
expires: Wed, 07 Feb 2024 19:19:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 95870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.163:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

0333fa3e34f17f01e9829bd8ee662c23

be4c7a8599038facc49c73d6d14451023bc919e7

8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:57:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

279
Hash

45b29aefeaf6731929f6183834d4b13a

e8c33f66567761482676a9673fbc9a354d8d3b57

bb4a350e12fd291ab7deda7cbcbe48532235ef9c0f4f109220763301b1f62cae

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:57:30 GMT
Etag: "63e37b46-117"
Server: ECS (amb/6BB9)
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

279
Hash

45b29aefeaf6731929f6183834d4b13a

e8c33f66567761482676a9673fbc9a354d8d3b57

bb4a350e12fd291ab7deda7cbcbe48532235ef9c0f4f109220763301b1f62cae

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=131964
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:57:30 GMT
Etag: "63e37b46-117"
Expires: Fri, 10 Feb 2023 10:36:54 GMT
Last-Modified: Wed, 08 Feb 2023 10:36:54 GMT
Server: nginx
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

279
Hash

45b29aefeaf6731929f6183834d4b13a

e8c33f66567761482676a9673fbc9a354d8d3b57

bb4a350e12fd291ab7deda7cbcbe48532235ef9c0f4f109220763301b1f62cae

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:57:30 GMT
Server: ECS (amb/6B9E)
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

279
Hash

45b29aefeaf6731929f6183834d4b13a

e8c33f66567761482676a9673fbc9a354d8d3b57

bb4a350e12fd291ab7deda7cbcbe48532235ef9c0f4f109220763301b1f62cae

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:57:30 GMT
Server: ECS (amb/6B96)
Content-Length: 279

static.cimcontent.net/data-layer/

95.101.93.229

200 OK

29024

URL HTTP/2

static.cimcontent.net/data-layer/
IP

95.101.93.229:0
ASN

#16625 AKAMAI-AS

Magic

ASCII text, with very long lines (65460)

Size

29024
Hash

60d8f6be4c59f727597fc8977413f51a

984b6eb7edfad9f5c45687e0ff5a37cc977a9eb0

ef1b50157caca1c3d016193035e2cce48ea9521a575e98b6eade398a0126c5ee

HTTP Headers

                                        GET /data-layer/ HTTP/1.1
Host: static.cimcontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f003.backblazeb2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 05 Jan 2023 18:24:12 GMT
etag: "119b636f38c941af26850cb1a8ca516b"
x-amz-version-id: YxN3pMvaG33xDhJe3WCffbjAmqG478qb
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: G80VBNxeBHQWHcSc2ee-4LyEovk1XJpKbuMJdNOUgSq5XR68ne9ABQ==
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
date: Wed, 08 Feb 2023 21:57:30 GMT
content-length: 29024
access-control-allow-origin: *
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 21:51:20 GMT
age: 370
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

9b88bae61bca33aba8aa99f6128db8d9

a07b61fb2458917699613fcae68710941b595416

54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5134
Expires: Wed, 08 Feb 2023 23:23:05 GMT
Date: Wed, 08 Feb 2023 21:57:31 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

279
Hash

45b29aefeaf6731929f6183834d4b13a

e8c33f66567761482676a9673fbc9a354d8d3b57

bb4a350e12fd291ab7deda7cbcbe48532235ef9c0f4f109220763301b1f62cae

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:57:31 GMT
Etag: "63e37b46-117"
Last-Modified: Wed, 08 Feb 2023 21:57:30 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

f003.backblazeb2.com/file/parisians-unextenuable-unfuturistic/index.html

45.11.36.16

200

77882

URL HTTP/1.1

f003.backblazeb2.com/file/parisians-unextenuable-unfuturistic/index.html
IP

45.11.36.16:0
ASN

#40401 BACKBLAZE

Magic

HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators

Size

77882
Hash

092ff4c1bb00767b1181b415314078eb

24c357a9352bbbd99ee8643d8a6743b9f5557319

06d704e2e42a068cfa9a3dd0cf95d80e6b084f792e8de4e83afcd65f94a4506e

HTTP Headers

                                        GET /file/parisians-unextenuable-unfuturistic/index.html HTTP/1.1
Host: f003.backblazeb2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f003.backblazeb2.com/file/parisians-unextenuable-unfuturistic/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 
x-bz-file-name: index.html
x-bz-file-id: 4_z253eb5e4d6fb238785670413_f101f65d1ae781d99_d20230206_m223640_c003_v0312005_t0023_u01675723000454
x-bz-content-sha1: 24c357a9352bbbd99ee8643d8a6743b9f5557319
X-Bz-Upload-Timestamp: 1675723000454
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 77882
Date: Wed, 08 Feb 2023 21:57:30 GMT
Keep-Alive: timeout=5
Connection: keep-alive

f003.backblazeb2.com/favicon.ico

45.11.36.16

404

URL HTTP/1.1

f003.backblazeb2.com/favicon.ico
IP

45.11.36.16:0
ASN

#40401 BACKBLAZE

Magic

JSON data\012- , ASCII text

Size

86
Hash

3bb14a1fdabbdd282cdebcb2129a3547

162791fec485eeb18919943c447b62c5a4a174ae

62f75c54a4a635578deb3339e70e62ecb7f6d5af7989e9ec13c203a3936de364

HTTP Headers

                                        GET /favicon.ico HTTP/1.1
Host: f003.backblazeb2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f003.backblazeb2.com/file/parisians-unextenuable-unfuturistic/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 404 
Cache-Control: max-age=0, no-cache, no-store
Content-Type: application/json;charset=UTF-8
Content-Length: 86
Date: Wed, 08 Feb 2023 21:57:30 GMT
Keep-Alive: timeout=5
Connection: keep-alive

push.services.mozilla.com/

44.240.124.200

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

44.240.124.200:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QEzog+ttI7HgS1D8eH7u9w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dVc35T0yOUwOfEJ1gnuHHZr/Cis=

f003.backblazeb2.com/file/assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js

45.11.36.16

404

URL HTTP/1.1

f003.backblazeb2.com/file/assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
IP

45.11.36.16:0
ASN

#40401 BACKBLAZE

Magic

JSON data\012- , ASCII text

Size

96
Hash

de269e70858e424897b6133a6b894025

8dd6d21b737da6e27a1dccf9b19b8c7680d7588c

c1b0bd344ceec5711ef268417f8cf06edfa7ec8ff24bb3da6d449d29a6640692

HTTP Headers

                                        GET /file/assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js HTTP/1.1
Host: f003.backblazeb2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f003.backblazeb2.com/file/parisians-unextenuable-unfuturistic/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 404 
Cache-Control: max-age=0, no-cache, no-store
Content-Type: application/json;charset=utf-8
Content-Length: 96
Date: Wed, 08 Feb 2023 21:57:31 GMT
Keep-Alive: timeout=5
Connection: keep-alive

static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2

95.101.93.229

200 OK

26768

URL HTTP/2

static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
IP

95.101.93.229:0
ASN

#16625 AKAMAI-AS

Magic

Web Open Font Format (Version 2), TrueType, length 26768, version 0.0\012- data

Size

26768
Hash

e3e79cd377b28c1e7ffea64b194136cf

e67fb661f5d630ecc811e93d526065a680bf58d7

138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

HTTP Headers

                                        GET /fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2 HTTP/1.1
Host: static.cimcontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f003.backblazeb2.com
Connection: keep-alive
Referer: https://airforservice.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: font/woff2
content-length: 26768
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
etag: "e3e79cd377b28c1e7ffea64b194136cf"
x-amz-version-id: kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
accept-ranges: bytes
server: AmazonS3
x-edge-origin-shield-skipped: 0
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: DWKW0PcwNWYIymvT3cq3xBTevUa_xhOeU51B2hsvy-MO6CW12wskyw==
unused62: 8096267
cache-control: max-age=1812824
date: Wed, 08 Feb 2023 21:57:31 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

f003.backblazeb2.com/file/parisians-unextenuable-unfuturistic/index.html

45.11.36.16

200

77882

URL HTTP/1.1

f003.backblazeb2.com/file/parisians-unextenuable-unfuturistic/index.html
IP

45.11.36.16:0
ASN

#40401 BACKBLAZE

Magic

HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators

Size

77882
Hash

092ff4c1bb00767b1181b415314078eb

24c357a9352bbbd99ee8643d8a6743b9f5557319

06d704e2e42a068cfa9a3dd0cf95d80e6b084f792e8de4e83afcd65f94a4506e

HTTP Headers

                                        GET /file/parisians-unextenuable-unfuturistic/index.html HTTP/1.1
Host: f003.backblazeb2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f003.backblazeb2.com/file/parisians-unextenuable-unfuturistic/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 
x-bz-file-name: index.html
x-bz-file-id: 4_z253eb5e4d6fb238785670413_f101f65d1ae781d99_d20230206_m223640_c003_v0312005_t0023_u01675723000454
x-bz-content-sha1: 24c357a9352bbbd99ee8643d8a6743b9f5557319
X-Bz-Upload-Timestamp: 1675723000454
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 77882
Date: Wed, 08 Feb 2023 21:57:31 GMT
Keep-Alive: timeout=5
Connection: keep-alive

airforservice.com/email-list/xfinitydcnjdf/static/css/junket/fonts-remote.min8455.css?v=9e94929

104.21.40.207

200 OK

27715

URL HTTP/2

airforservice.com/email-list/xfinitydcnjdf/static/css/junket/fonts-remote.min8455.css?v=9e94929
IP

104.21.40.207:0
ASN

#13335 CLOUDFLARENET

Magic

ASCII text, with very long lines (3309), with no line terminators

Size

27715
Hash

e79db53a83d4f771043544a34c3582aa

c03baab12e2043250762ce6b6319af15e544896d

0cc909baec9aa1bb7b9157febf9c2e1d04be739b0c34a36329073892dacd77e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /email-list/xfinitydcnjdf/static/css/junket/fonts-remote.min8455.css?v=9e94929 HTTP/1.1
Host: airforservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f003.backblazeb2.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:57:31 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=3375
etag: W/"63358cbf-d2f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 29 Sep 2022 12:17:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jweX1Nzosgk6hLwhKoV1eBcOgM9dlMogquqtC1t6NTRUM55vc1arGTAeB6TNa%2FSPnxwuGyEU9XpuzcpSduimsfk6v1kG9D8%2FjNy7Svtmp27otJOy%2F73vaNJVrq1mGkb8RUp34A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79679f143eba1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.cimcontent.net/common-web-assets/ad-assets/prebid/prebid.js

95.101.93.229

200 OK

222561

URL HTTP/2

static.cimcontent.net/common-web-assets/ad-assets/prebid/prebid.js
IP

95.101.93.229:0
ASN

#16625 AKAMAI-AS

Magic

ASCII text, with very long lines (65491)

Size

222561
Hash

7a495d9002d89d3c5e63ac7e274dbd44

304c0466adc57f88d80e440e9d651bb08cb81113

1b453aee00d7c7c9e33e2897b911e9295f343a60f33283fd1fe6a9c084a18c51

HTTP Headers

                                        GET /common-web-assets/ad-assets/prebid/prebid.js HTTP/1.1
Host: static.cimcontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f003.backblazeb2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
content-type: application/javascript
content-length: 222561
last-modified: Thu, 15 Dec 2022 15:38:02 GMT
etag: "7a495d9002d89d3c5e63ac7e274dbd44"
x-amz-version-id: YMimtZHxJOPY4vmZdESPiAs3sq6od7Q7
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: yh523C0jB8keH32dKYtgoZRvrUdoZDP6ZFj44t6eD9AtwdX3mUH5SA==
cache-control: max-age=31536000
date: Wed, 08 Feb 2023 21:57:31 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2

95.101.93.229

200 OK

27152

URL HTTP/2

static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2
IP

95.101.93.229:0
ASN

#16625 AKAMAI-AS

Magic

Web Open Font Format (Version 2), TrueType, length 27152, version 0.0\012- data

Size

27152
Hash

13709eac065721ba8cd0e2d1b6fa8026

2fa86f3c0fbc94711d6c0ed32e3e03add756ba18

2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228

HTTP Headers

                                        GET /fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2 HTTP/1.1
Host: static.cimcontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f003.backblazeb2.com
Connection: keep-alive
Referer: https://airforservice.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
content-type: font/woff2
content-length: 27152
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
x-amz-version-id: 6t4RA2DS89tdf_2IK5vrc9JAOKCy9A40
accept-ranges: bytes
server: AmazonS3
etag: "13709eac065721ba8cd0e2d1b6fa8026"
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: hr0aE0VYfqSCngG1iGGvuJoJdSCEdUWHjFM4QJGt7Osb4YV6Ye3xvQ==
cache-control: max-age=1170276
date: Wed, 08 Feb 2023 21:57:31 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

status.geotrust.com/

93.184.220.29

200 OK

471

URL HTTP/1.1

status.geotrust.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

471
Hash

054fdcff5853ca82fe55fb7655ec00c4

b048e1d16384aeaeac003db9119c30fe78ec4054

62ad987e23c51b53598d860d77e3ff16525632567e9098a20ea557ca8c7f007b

HTTP Headers

                                        POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5675
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:57:31 GMT
Last-Modified: Wed, 08 Feb 2023 20:22:56 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

comcast-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Ff003.backblazeb2.com%2Ffile%2Fparisians-unextenuable-unfuturistic%2Findex.html&jr=&ch=windows-1252&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_2.1.7&dddid=3ac8652a-524c-4b31-9959-a8215e18a14c&nocache=1675893508059&aus=300x600%2C300x250&divIds=ad-block&auid=540654279&

34.98.64.218

200 OK

URL HTTP/2

comcast-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Ff003.backblazeb2.com%2Ffile%2Fparisians-unextenuable-unfuturistic%2Findex.html&jr=&ch=windows-1252&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_2.1.7&dddid=3ac8652a-524c-4b31-9959-a8215e18a14c&nocache=1675893508059&aus=300x600%2C300x250&divIds=ad-block&auid=540654279&
IP

34.98.64.218:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text

Size

79
Hash

67322890a5bbe923e15e11e9bfd86514

7a5a00a33eeef01da3dfe5aaa97641587ea8f21f

230bcc10fb180f4865348915c4e9ee6bd47ba789cfc25ba48aa4a11ece26aa18

HTTP Headers

                                        GET /w/1.0/arj?ju=https%3A%2F%2Ff003.backblazeb2.com%2Ffile%2Fparisians-unextenuable-unfuturistic%2Findex.html&jr=&ch=windows-1252&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_2.1.7&dddid=3ac8652a-524c-4b31-9959-a8215e18a14c&nocache=1675893508059&aus=300x600%2C300x250&divIds=ad-block&auid=540654279& HTTP/1.1
Host: comcast-d.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://f003.backblazeb2.com
Connection: keep-alive
Referer: https://f003.backblazeb2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Wed, 08 Feb 2023 21:57:31 GMT
content-type: application/json
content-length: 79
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://f003.backblazeb2.com
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

status.geotrust.com/

93.184.220.29

200 OK

471

URL HTTP/1.1

status.geotrust.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

471
Hash

054fdcff5853ca82fe55fb7655ec00c4

b048e1d16384aeaeac003db9119c30fe78ec4054

62ad987e23c51b53598d860d77e3ff16525632567e9098a20ea557ca8c7f007b

HTTP Headers

                                        POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5994
Cache-Control: max-age=153429
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:57:32 GMT
Etag: "63e3b7b7-1d7"
Expires: Fri, 10 Feb 2023 16:34:41 GMT
Last-Modified: Wed, 08 Feb 2023 14:54:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

0b88324d55016fba7ec16400db7f0a93

183ecf2e74f0e653ba716d2f7658dda7a3a51c94

7bd3ca1c9275a4fdd0f5424c3514bb5a922508184f76037ffc5e5a9c81324866

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7BD3CA1C9275A4FDD0F5424C3514BB5A922508184F76037FFC5E5A9C81324866"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3653
Expires: Wed, 08 Feb 2023 22:58:25 GMT
Date: Wed, 08 Feb 2023 21:57:32 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

471
Hash

9ce0c9bc2a6db0953de294199054df32

349a4f1fa3240e2b9d0a2254453ecaa4d78113e5

992aaf5ee320fb9291ced258e2b6fa49170bf1b5d54ee6b74955cf32719ebd93

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3698
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:57:32 GMT
Last-Modified: Wed, 08 Feb 2023 20:55:54 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11648&site_id=248132&zone_id=1228140&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Ff003.backblazeb2.com%2Ffile%2Fparisians-unextenuable-unfuturistic%2Findex.html&tk_flint=pbjs_lite_v2.26.0&x_source.tid=3ac8652a-524c-4b31-9959-a8215e18a14c&p_screen_res=1280x1024&rp_floor=0.01&rp_secure=1&slots=1&rand=0.1889333209246461

213.19.162.51

200 OK

304

URL HTTP/2

fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11648&site_id=248132&zone_id=1228140&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Ff003.backblazeb2.com%2Ffile%2Fparisians-unextenuable-unfuturistic%2Findex.html&tk_flint=pbjs_lite_v2.26.0&x_source.tid=3ac8652a-524c-4b31-9959-a8215e18a14c&p_screen_res=1280x1024&rp_floor=0.01&rp_secure=1&slots=1&rand=0.1889333209246461
IP

213.19.162.51:0
ASN

#26667 RUBICONPROJECT

Magic

JSON data\012- , ASCII text, with very long lines (304), with no line terminators

Size

304
Hash

2ab19229bd1aba783bb3e14f7651944f

e96cd737f93943853b933672d9109aac7d14e94a

77817f347aed9767ad1882c8024d67cafefe8752a8dec5da6c4dbc98c4faf32d

HTTP Headers

                                        GET /a/api/fastlane.json?account_id=11648&site_id=248132&zone_id=1228140&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Ff003.backblazeb2.com%2Ffile%2Fparisians-unextenuable-unfuturistic%2Findex.html&tk_flint=pbjs_lite_v2.26.0&x_source.tid=3ac8652a-524c-4b31-9959-a8215e18a14c&p_screen_res=1280x1024&rp_floor=0.01&rp_secure=1&slots=1&rand=0.1889333209246461 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://f003.backblazeb2.com
Connection: keep-alive
Referer: https://f003.backblazeb2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 08 Feb 2023 21:57:32 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://f003.backblazeb2.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LDW7OVR2-M-2X5M; Domain=.rubiconproject.com; Path=/; Expires=Thu, 08-Feb-2024 21:57:32 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqriRJHgYljRe9DtVM30fCg/qhr5riXNI3zcE6nELhs41/bmMTPDwuYNQshl+/Pwppo2B05UvZjL+bSpoiXzSeLsqlSNZOaaDQ=; Domain=.rubiconproject.com; Path=/; Expires=Thu, 08-Feb-2024 21:57:32 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 304
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

314

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

314
Hash

8e109baddb22b573a373457259aac9ac

f5f95ff6171d3cb8b274fa8c1eb361a98faaf423

f6d6b1beb6eb4837871a5b74c2f74ef9d1fc27b9f86b4eeba62c43cebf8914a3

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4272
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:57:32 GMT
Last-Modified: Wed, 08 Feb 2023 20:46:20 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314

e.serverbid.com/api/v2

159.89.246.130

204 No Content

URL HTTP/2

e.serverbid.com/api/v2
IP

159.89.246.130:0
ASN

#14061 DIGITALOCEAN-ASN

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        POST /api/v2 HTTP/1.1
Host: e.serverbid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 416
Origin: https://f003.backblazeb2.com
Connection: keep-alive
Referer: https://f003.backblazeb2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 204 No Content
access-control-allow-origin: https://f003.backblazeb2.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 10080
date: Wed, 08 Feb 2023 21:57:31 GMT
X-Firefox-Spdy: h2

bidder.criteo.com/cdb?profileId=207&av=17&wv=2.26.0&cb=35947617938

178.250.1.8

200 OK

URL HTTP/2

bidder.criteo.com/cdb?profileId=207&av=17&wv=2.26.0&cb=35947617938
IP

178.250.1.8:0
ASN

#0

Magic

JSON data\012- , ASCII text, with no line terminators

Size

44
Hash

5f1dcf53824ce88cdb7941d34db3f19d

4164a13e3f53e1f002606a807d64a92620720fb0

3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74

HTTP Headers

                                        POST /cdb?profileId=207&av=17&wv=2.26.0&cb=35947617938 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 298
Origin: https://f003.backblazeb2.com
Connection: keep-alive
Referer: https://f003.backblazeb2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:57:31 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://f003.backblazeb2.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

acdn.adnxs.com/ast/ast.js

151.101.129.108

200 OK

33183

URL HTTP/1.1

acdn.adnxs.com/ast/ast.js
IP

151.101.129.108:0
ASN

#54113 FASTLY

Magic

ASCII text, with very long lines (65536), with no line terminators

Size

33183
Hash

d1e5a9d2145fd83994191d9940809831

2930a21ac2c54803193818d66f7dc0404cc33d92

d11b78fc5d521a01fab1c3cd24c9af6b4007245603f3525901ed5728293442ac

HTTP Headers

                                        GET /ast/ast.js HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f003.backblazeb2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 33183
Server: nginx/1.18.0 (Ubuntu)
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 17:19:51 GMT
ETag: W/"63c6d8b7-17dc7"
Expires: Fri, 27 Jan 2023 02:17:51 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 08 Feb 2023 21:57:32 GMT
Age: 70757
X-Served-By: cache-lga21942-LGA, cache-bma1672-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 11, 76643
X-Timer: S1675893453.643862,VS0,VE0
Vary: Accept-Encoding

c.amazon-adsystem.com/cdn/prod/config?src=3338&u=https%3A%2F%2Ff003.backblazeb2.com

54.230.111.210

204 No Content

URL HTTP/2

c.amazon-adsystem.com/cdn/prod/config?src=3338&u=https%3A%2F%2Ff003.backblazeb2.com
IP

54.230.111.210:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /cdn/prod/config?src=3338&u=https%3A%2F%2Ff003.backblazeb2.com HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://f003.backblazeb2.com
Connection: keep-alive
Referer: https://f003.backblazeb2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 204 No Content
access-control-allow-origin: https://f003.backblazeb2.com
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Wed, 08 Feb 2023 21:57:31 GMT
server: Server
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: D55FG3JKYnlTSe239RcnCtPEjH3XeWVNsMIfr1WGW1wnneUqAlFoFw==
X-Firefox-Spdy: h2

c.amazon-adsystem.com/aax2/apstag.js

54.230.111.210

200 OK

47659

URL HTTP/2

c.amazon-adsystem.com/aax2/apstag.js
IP

54.230.111.210:0
ASN

#16509 AMAZON-02

Magic

data

Size

47659
Hash

4acc7a7e01e2c1e9514cc38700c6f494

1a87cc749c9fea0b37f365c0f2ed472cac2cd33d

e371ecd1298ea8158c41b807b9a2d97484b75003b543ed397b28ba91724286c5

HTTP Headers

                                        GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f003.backblazeb2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: application/javascript
date: Wed, 08 Feb 2023 21:05:12 GMT
last-modified: Wed, 08 Feb 2023 20:19:38 GMT
etag: W/"73a4291e0b24cc8bf12a18bcd544a2b9"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-P1
x-amz-cf-id: WQ8WcwjSUL6G43UgAfxYx2zmNAKhRwM1ul8JdUn4CdsKi7qJRvmBXA==
age: 3141
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

68273225f74fbf7493f395610d7a73fc

5a8779ef5656aeeba23b365aad60b7901c5dd7fc

c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3730
Expires: Wed, 08 Feb 2023 22:59:42 GMT
Date: Wed, 08 Feb 2023 21:57:32 GMT
Connection: keep-alive

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

#1 JS:Script (size: 100709)

#2 JS:Script (size: 95)

#3 JS:Script (size: 4110)

#4 JS:Script (size: 222571)

#5 JS:Script (size: 197639)

#6 JS:Script (size: 418)

#7 JS:Script (size: 337)

#8 JS:Script (size: 13472)

#9 JS:Script (size: 72559)

#10 JS:Script (size: 90875)

#11 JS:Script (size: 0)

#12 JS:Script (size: 261439)

#13 JS:Script (size: 5752)

#14 JS:Script (size: 182500)

#1 JS:Eval (size: 6482)

#2 JS:Eval (size: 54408)

#3 JS:Eval (size: 58)

#1 JS:Write (size: 10428)

HTTP Transactions (71)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP