ocsp.entrust.net/
23.38.202.187 1.6 kB IP 23.38.202.187:0
Hash 9fb3139dad257afd809a4fe1e44b9e57
409f64858c08b440d91961ce690ea8bf4fcd3ed0
01b65e967445fe6ae9259ab483d00a1e6c733d11c82e2965cb71902d53c936d3
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "01B65E967445FE6AE9259AB483D00A1E6C733D11C82E2965CB71902D53C936D3"
Last-Modified: Wed, 08 May 2024 03:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3577
Expires: Wed, 08 May 2024 13:23:08 GMT
Date: Wed, 08 May 2024 12:23:31 GMT
Connection: keep-alive
ocsp.r2m03.amazontrust.com/
143.204.53.97 471 B URL ocsp.r2m03.amazontrust.com/
IP 143.204.53.97:0
Hash 887ede8850e6b2c5581b53fa3f849948
edfe80edcacb805a3af4418f2126d230af4756b5
2ef71d9cfeb6b840015d6ca4571a7e2ef0f1686869e218c47d364dd61a02e919
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 12:23:31 GMT
Last-Modified: Wed, 08 May 2024 11:21:14 GMT
Server: ECAcc (ska/F69C)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SYLw22SVmUvWbYCJZTlDA8lf1SAtcSEBeo6VFIupyrh2ndpY8KuQjw==
Age: 3737
pie-majestic-guava.glitch.me/?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh
54.83.64.233 806 B URL pie-majestic-guava.glitch.me/?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh
IP 54.83.64.233:0
File type HTML document, ASCII text
Hash 08a23446d433040e17a0aa158c016074
e13da2ef56762a908ff5f512cd2c25247982009c
4314e75c9d0c447b928007a97fbe1c287eda7c4be3f1417ee5dd4ac362c9c07c
GET /?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh//pie-majestic-guava%e3%80%82glitch%e3%80%82me?/YWxpc29uLmJhcnJpY2tAY2JzYS1hc2ZjLmdjLmNh HTTP/1.1
Host: pie-majestic-guava.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 12:23:32 GMT
content-type: text/html; charset=utf-8
content-length: 806
x-amz-id-2: mUSQX7jzfBgb0tPfm6zqEK+XESB1nmfcR1gyhAaCwqc3zIFreQEUwmc9Ik0hWYlsqLJ5UVC2lc8=
x-amz-request-id: 3PTJS1Q7062EA94T
last-modified: Mon, 06 May 2024 12:39:46 GMT
etag: "08a23446d433040e17a0aa158c016074"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: Xk_GcJuGJE0YAyPGwSZyVKK0yzFvIjS7
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2
a3cb6c8b.webmail-7hc.pages.dev/docc-file.html
172.66.44.81 0 B URL a3cb6c8b.webmail-7hc.pages.dev/docc-file.html
IP 172.66.44.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Generic/Spear Phishing
GET /docc-file.html HTTP/1.1
Host: a3cb6c8b.webmail-7hc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pie-majestic-guava.glitch.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 308 Permanent Redirect
date: Wed, 08 May 2024 12:23:32 GMT
content-length: 0
location: /docc-file
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2FIXRIFjeUrhhCJzmIYXTvtQLDEEQuDhJooRTuzjb5cOD88y0DrSS6PqvlMFrjw3%2FY4TbOs7WLTF5rNFHk%2B8kcHiKzMniXng1kt6EYmzyn%2FcBcHTFKqiYyPAjoZqB%2FnW7j85g9u%2BDE7s5cWdk%2Bs7EHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88096bec8a6f5696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
images.sftcdn.net/images/t_app-logo-xl,f_auto,dpr_2/p/7a60e021-3fe5-4334-9e56-7cc6ebae632d/2825932570/roundcube-webmail-roundcube_logo_icon.svg
104.110.18.102200 OK 1.6 kB URL GET HTTP/2 images.sftcdn.net/images/t_app-logo-xl,f_auto,dpr_2/p/7a60e021-3fe5-4334-9e56-7cc6ebae632d/2825932570/roundcube-webmail-roundcube_logo_icon.svg
IP 104.110.18.102:443
Requested by https://a3cb6c8b.webmail-7hc.pages.dev/docc-file#alison.barrick@cbsa-asfc.gc.ca
Certificate IssuerLet's Encrypt
Subjects4-san.cloudinary.com
Fingerprint12:4D:54:45:72:66:B8:94:EB:53:70:54:6C:4E:F3:56:78:29:8D:27
ValidityWed, 14 Feb 2024 11:43:07 GMT - Tue, 14 May 2024 11:43:06 GMT
File type RIFF (little-endian) data, Web/P image
Hash 99724406fe475a16c3ba875b3e4742e7
b0a47e644eb92d1d0dcd7dcd41f393f0da26fb1b
2175ef57d8cb9f2c1d8d1f75f2a4d0cce3963fdf0c8013cafbe5ecd1866a6c2c
GET /images/t_app-logo-xl,f_auto,dpr_2/p/7a60e021-3fe5-4334-9e56-7cc6ebae632d/2825932570/roundcube-webmail-roundcube_logo_icon.svg HTTP/1.1
Host: images.sftcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 1620
etag: "99724406fe475a16c3ba875b3e4742e7"
last-modified: Fri, 26 Jun 2020 13:52:47 GMT
date: Wed, 08 May 2024 12:23:32 GMT
cache-control: private, no-transform, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent
content-disposition: inline; filename="roundcube-webmail-roundcube_logo_icon.svg"
x-content-type-options: nosniff
server-timing: cld-akam;dur=5;start=2024-05-08T12:23:32.907Z;desc=hit,rtt;dur=1
X-Firefox-Spdy: h2
a3cb6c8b.webmail-7hc.pages.dev/assets/css/style.css
172.66.44.81404 Not Found 0 B URL GET HTTP/3 a3cb6c8b.webmail-7hc.pages.dev/assets/css/style.css
IP 172.66.44.81:443
Requested by https://a3cb6c8b.webmail-7hc.pages.dev/docc-file#alison.barrick@cbsa-asfc.gc.ca
Certificate IssuerGoogle Trust Services LLC
Subjectwebmail-7hc.pages.dev
FingerprintA7:23:DA:28:42:A4:BA:4B:F9:73:A1:9A:EA:EF:3F:A0:BE:05:D2:39
ValiditySun, 05 May 2024 22:10:41 GMT - Sat, 03 Aug 2024 22:10:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/css/style.css HTTP/1.1
Host: a3cb6c8b.webmail-7hc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/docc-file
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 08 May 2024 12:23:32 GMT
content-length: 0
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BfXVjG2y2A1KyIFEWHvlqr2nMEOF7o0qChi%2BXvhuAxICXUUBNUUuhgWlQxRKtApo301lWhXnpXFOAgsqbkP0w2Cgfd9kOvkbwbo7HiPc8J7jSjO2VZfZYpVoCMCIJ%2FtOO50Lsj45%2FkUcFCcOSfjdIbM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88096bee8d80568b-OSL
alt-svc: h3=":443"; ma=86400
a3cb6c8b.webmail-7hc.pages.dev/assets/js/script.js
172.66.44.81404 Not Found 0 B URL GET HTTP/3 a3cb6c8b.webmail-7hc.pages.dev/assets/js/script.js
IP 172.66.44.81:443
Requested by https://a3cb6c8b.webmail-7hc.pages.dev/docc-file#alison.barrick@cbsa-asfc.gc.ca
Certificate IssuerGoogle Trust Services LLC
Subjectwebmail-7hc.pages.dev
FingerprintA7:23:DA:28:42:A4:BA:4B:F9:73:A1:9A:EA:EF:3F:A0:BE:05:D2:39
ValiditySun, 05 May 2024 22:10:41 GMT - Sat, 03 Aug 2024 22:10:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/js/script.js HTTP/1.1
Host: a3cb6c8b.webmail-7hc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/docc-file
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 08 May 2024 12:23:32 GMT
content-length: 0
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oLYLB%2BOT6TJih1nJktwKnJwtLtSF%2F1dn2pe65Z2Hte%2BNuLWL7j7VPKYn7PUKWONLximg8z4ViTsGwqy1pxMtCSWAKBx5nxWQ9l2d76T8OIQylhIs5EgL9Uv2ZHt%2Fww5uoOhud33Z21swY%2BFhl65x1Sg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88096bee9d9c568b-OSL
alt-svc: h3=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
104.17.24.14200 OK 27 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP 104.17.24.14:443
Requested by https://a3cb6c8b.webmail-7hc.pages.dev/docc-file#alison.barrick@cbsa-asfc.gc.ca
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (32180)
Hash 7f9fb969ce353c5d77707836391eb28d
62c4042e9ebc691a5372d653b424512a561d1670
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 12:23:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 673011
expires: Mon, 28 Apr 2025 12:23:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C4rj6ZkbVbfbhrbQSac17%2FTTf441xMz%2BvhwUVqCZqFdHFd4gHjFSxQEio%2F%2FR8k7e6g2389wX1h1cRTOSl4yS0ui2zvDroJj6riOmgiAwbS1o8b%2FtPNoTtGnzW6Q3fiBaMI91QBLV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88096beeb9850b4d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
a3cb6c8b.webmail-7hc.pages.dev/docc-file
172.66.44.81 25 kB URL a3cb6c8b.webmail-7hc.pages.dev/docc-file
IP 172.66.44.81:0
File type HTML document, ASCII text, with very long lines (1280)
Hash 93a0d6a9013d5645634310486adb48d5
f19496e8717c7fff39818fc0a56b2063e6251f85
3cf0a7e8c09251ad20fb5c3addc82cfa48dd291fc0a29f974dcd4096b590c54a
GET /docc-file HTTP/1.1
Host: a3cb6c8b.webmail-7hc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pie-majestic-guava.glitch.me/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 12:23:32 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"70ab6fd395b500e8d3035877ddc9ab67"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AXRvTuJOrHk4dRN8%2FFDPMsXHA%2FDH7HVdALBcVeTRNW39yDIu5WrmIpbXm6RlxSoH%2BvbRCv1PgTmx8S2HbNKNGvtC51lajdCrQQww6Hh%2FErRn3nK3TD8XKuVn%2Bhe5Ij%2FJomn0BZO%2Fno2Gn7GKx%2FEPBfE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88096becdab95696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/fonts
142.250.74.164 0 B IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fonts HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-type: application/binary
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 12:23:33 GMT
location: https://fonts.google.com/
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-UZtFUjPvoNPFy4Jwhg8kpQ' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy: same-origin-allow-popups
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=514=jyASjNnUay3ULNJa_rzwHwBd_JS8CgkkMaLMArq3hts-IKfGqL2gclbN_H1svYp_jL5xjZhVK6lqLWffWfCbZYFxUw3xMewJb2oEcBwBd7kLfUvdTLg_bTr4OMjqOq5hrskgOjCMUSdj0DbgPIw7e0h0cpK9N3nYYbEojsU8jhQ; expires=Thu, 07-Nov-2024 12:23:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/fonts
142.250.74.164 0 B IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fonts HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-type: application/binary
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 12:23:33 GMT
location: https://fonts.google.com/
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-feeIdYnikZquqKRX2rs5gg' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy: same-origin-allow-popups
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=514=VLkFMNkv-RZjsKfvmaBAWbBo-2TctelkB0zgCMSzHpRz9wyGx_BZ6OTDiFljl4iA5kuoiRA43rSsddn_ix0D1WfhN0KSdrgieq8nzMgZnfS6UZoagr5lvCSGr4JOdwIP5oVl1_GsFsBzmNIxpcfizCWWnR0m_c9-VEB0Pn95pjc; expires=Thu, 07-Nov-2024 12:23:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.google.com/
142.250.74.14 12 kB IP 142.250.74.14:0
File type gzip compressed data, max compression
Hash d4a5e3c1d0b847ced9088c913747a040
711fcf7f9f7d89ce6408a807d4d0ca3303f5de7c
2e1aec18158987fa5ce6baf5a5966330ae83aaca852f4cb6a16d3723b7dd3fd7
GET / HTTP/1.1
Host: fonts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 12:23:33 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-EbSkm-_IuFYf40KTrLeAHw' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=514=gi2iJzRk26SYqc9SreMGb92dcnE6AQ0CQdmdOw3Ipn-hwnFIOMsj5tTiTiYq5Z7vBtdEfhcDzVmWabh3kmuTlItOp2Y7Uc85PhCIIh-kHMBha0EfLTtvLOsgSEo4P_xkY406OtHqNMLqH8aCUCzNRW5z9vKeFOJQ5CVTHvbfKMg; expires=Thu, 07-Nov-2024 12:23:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a3cb6c8b.webmail-7hc.pages.dev/assets/js/script.js
172.66.44.81404 Not Found 0 B URL GET HTTP/3 a3cb6c8b.webmail-7hc.pages.dev/assets/js/script.js
IP 172.66.44.81:443
Requested by https://a3cb6c8b.webmail-7hc.pages.dev/docc-file#alison.barrick@cbsa-asfc.gc.ca
Certificate IssuerGoogle Trust Services LLC
Subjectwebmail-7hc.pages.dev
FingerprintA7:23:DA:28:42:A4:BA:4B:F9:73:A1:9A:EA:EF:3F:A0:BE:05:D2:39
ValiditySun, 05 May 2024 22:10:41 GMT - Sat, 03 Aug 2024 22:10:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/js/script.js HTTP/1.1
Host: a3cb6c8b.webmail-7hc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/docc-file
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 08 May 2024 12:23:33 GMT
content-length: 0
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TeP03pY1bFknDyKwLMMb22NxM0AM1iGvWovVovF8oBp3BOJlJcgPdELEmvqxawYngSh4JP6UdFXuGld5u7N21pdRgRg%2F75UeeXLO39L8LGSKTv5Qs2WgWKEVNrR088P4CLBHtvNEV8SDApz5CLKnEJw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88096bf43c91568b-OSL
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
142.250.74.99200 OK 21 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
IP 142.250.74.99:443
Requested by https://a3cb6c8b.webmail-7hc.pages.dev/docc-file#alison.barrick@cbsa-asfc.gc.ca
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.137; 2017Roboto-Bo
Hash ecec6c79a27c8914400d4116e02668aa
3b2880007b93580c4b35e2b31afe2fc9b6fa5923
8a9a74f4455f392ec3e7499cfda6097b536bb4b7f1e529a079c3d953c08b54ca
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc9.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/
Origin: https://a3cb6c8b.webmail-7hc.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:49:31 GMT
expires: Fri, 02 May 2025 01:49:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 556442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc9.ttf
142.250.74.99200 OK 21 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc9.ttf
IP 142.250.74.99:443
Requested by https://a3cb6c8b.webmail-7hc.pages.dev/docc-file#alison.barrick@cbsa-asfc.gc.ca
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto LightRegularVersion 2.137; 2017Roboto-Ligh
Hash 85df2cb76110ce9ce787b45a5266d23a
91187234316d05377268346f4631e2de3bb6affe
4501b0c41bd6ffd12d34114eed5113b9e136f5f1715d7b4348dd1ccb570470f9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc9.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/
Origin: https://a3cb6c8b.webmail-7hc.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20847
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:59:59 GMT
expires: Fri, 02 May 2025 01:59:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 555814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf
142.250.74.99200 OK 21 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf
IP 142.250.74.99:443
Requested by https://a3cb6c8b.webmail-7hc.pages.dev/docc-file#alison.barrick@cbsa-asfc.gc.ca
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-Regularhtt
Hash a0d084a3e8176664e75f8eca3ebea96c
324ec20b91392a6871d7846e0ff2972447a1b2b8
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/
Origin: https://a3cb6c8b.webmail-7hc.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:15:02 GMT
expires: Sat, 03 May 2025 02:15:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 468511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
logo.clearbit.com/cbsa-asfc.gc.ca
143.204.55.100200 OK 17 kB URL GET HTTP/2 logo.clearbit.com/cbsa-asfc.gc.ca
IP 143.204.55.100:443
Requested by https://a3cb6c8b.webmail-7hc.pages.dev/docc-file#alison.barrick@cbsa-asfc.gc.ca
Certificate IssuerAmazon
Subjectclearbit.com
FingerprintCE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72
ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced
Hash 181fb69c660fe307bdaada97653515a7
6977e59fdfb758700b86d084c3909acb9403795c
3521fe004e28c35b42b7ade5285ae568b77a4e427b7e521f9c88272eee41b195
GET /cbsa-asfc.gc.ca HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Mon, 06 May 2024 10:06:12 GMT
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KFL_pG7zrS-GZ51f5PRZ8kPVJsYw5Zkd0J44KBf-Gq9A-zG0b5ZEcw==
age: 181041
X-Firefox-Spdy: h2
a3cb6c8b.webmail-7hc.pages.dev/docc-file.html
172.66.44.81308 Permanent Redirect 24 kB URL User Request GET HTTP/2 a3cb6c8b.webmail-7hc.pages.dev/docc-file.html
IP 172.66.44.81:443
Certificate IssuerGoogle Trust Services LLC
Subjectwebmail-7hc.pages.dev
FingerprintA7:23:DA:28:42:A4:BA:4B:F9:73:A1:9A:EA:EF:3F:A0:BE:05:D2:39
ValiditySun, 05 May 2024 22:10:41 GMT - Sat, 03 Aug 2024 22:10:40 GMT
File type HTML document, ASCII text, with very long lines (1280)
Hash 93a0d6a9013d5645634310486adb48d5
f19496e8717c7fff39818fc0a56b2063e6251f85
3cf0a7e8c09251ad20fb5c3addc82cfa48dd291fc0a29f974dcd4096b590c54a
Analyzer Verdict Alert OpenPhish phishing Generic/Spear Phishing
GET /docc-file.html HTTP/1.1
Host: a3cb6c8b.webmail-7hc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pie-majestic-guava.glitch.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 308 Permanent Redirect
date: Wed, 08 May 2024 12:23:32 GMT
content-length: 0
location: /docc-file
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2FIXRIFjeUrhhCJzmIYXTvtQLDEEQuDhJooRTuzjb5cOD88y0DrSS6PqvlMFrjw3%2FY4TbOs7WLTF5rNFHk%2B8kcHiKzMniXng1kt6EYmzyn%2FcBcHTFKqiYyPAjoZqB%2FnW7j85g9u%2BDE7s5cWdk%2Bs7EHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88096bec8a6f5696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
a3cb6c8b.webmail-7hc.pages.dev/docc-file
172.66.44.81200 OK 24 kB URL User Request GET HTTP/2 a3cb6c8b.webmail-7hc.pages.dev/docc-file
IP 172.66.44.81:443
Certificate IssuerGoogle Trust Services LLC
Subjectwebmail-7hc.pages.dev
FingerprintA7:23:DA:28:42:A4:BA:4B:F9:73:A1:9A:EA:EF:3F:A0:BE:05:D2:39
ValiditySun, 05 May 2024 22:10:41 GMT - Sat, 03 Aug 2024 22:10:40 GMT
File type HTML document, ASCII text, with very long lines (1280)
Hash 93a0d6a9013d5645634310486adb48d5
f19496e8717c7fff39818fc0a56b2063e6251f85
3cf0a7e8c09251ad20fb5c3addc82cfa48dd291fc0a29f974dcd4096b590c54a
GET /docc-file HTTP/1.1
Host: a3cb6c8b.webmail-7hc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pie-majestic-guava.glitch.me/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 12:23:32 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"70ab6fd395b500e8d3035877ddc9ab67"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AXRvTuJOrHk4dRN8%2FFDPMsXHA%2FDH7HVdALBcVeTRNW39yDIu5WrmIpbXm6RlxSoH%2BvbRCv1PgTmx8S2HbNKNGvtC51lajdCrQQww6Hh%2FErRn3nK3TD8XKuVn%2Bhe5Ij%2FJomn0BZO%2Fno2Gn7GKx%2FEPBfE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88096becdab95696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.google.com/
142.250.74.14200 OK 0 B IP 142.250.74.14:443
Requested by https://a3cb6c8b.webmail-7hc.pages.dev/docc-file#alison.barrick@cbsa-asfc.gc.ca
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: fonts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 12:23:33 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-EbSkm-_IuFYf40KTrLeAHw' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=514=gi2iJzRk26SYqc9SreMGb92dcnE6AQ0CQdmdOw3Ipn-hwnFIOMsj5tTiTiYq5Z7vBtdEfhcDzVmWabh3kmuTlItOp2Y7Uc85PhCIIh-kHMBha0EfLTtvLOsgSEo4P_xkY406OtHqNMLqH8aCUCzNRW5z9vKeFOJQ5CVTHvbfKMg; expires=Thu, 07-Nov-2024 12:23:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.google.com/
142.250.74.14200 OK 0 B IP 142.250.74.14:443
Requested by https://a3cb6c8b.webmail-7hc.pages.dev/docc-file#alison.barrick@cbsa-asfc.gc.ca
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: fonts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 12:23:33 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-eO_JTcc2X2rXbvmje78Hqg' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=514=kklFHHAg3-pMQgKVPAVn4u2ky40Ryu9e0XGdAn-Gi0THjzusB5rsLpgoKNm0O4ureBMuYU2Q_O1wD_U6d5UexLm9EEOrUMVEqvRFPjyduHr08Y-0AOLIGo2uoZ7AJwLUBZHIbZGOWyODK-jDQypQVmtZIQjTSZO-I8ZRK8GemQc; expires=Thu, 07-Nov-2024 12:23:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/fonts
142.250.74.164301 Moved Permanently 0 B IP 142.250.74.164:443
Requested by https://a3cb6c8b.webmail-7hc.pages.dev/docc-file#alison.barrick@cbsa-asfc.gc.ca
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fonts HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-type: application/binary
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 12:23:33 GMT
location: https://fonts.google.com/
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-UZtFUjPvoNPFy4Jwhg8kpQ' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy: same-origin-allow-popups
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=514=jyASjNnUay3ULNJa_rzwHwBd_JS8CgkkMaLMArq3hts-IKfGqL2gclbN_H1svYp_jL5xjZhVK6lqLWffWfCbZYFxUw3xMewJb2oEcBwBd7kLfUvdTLg_bTr4OMjqOq5hrskgOjCMUSdj0DbgPIw7e0h0cpK9N3nYYbEojsU8jhQ; expires=Thu, 07-Nov-2024 12:23:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
104.18.10.207200 OK 117 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
IP 104.18.10.207:443
Requested by https://a3cb6c8b.webmail-7hc.pages.dev/docc-file#alison.barrick@cbsa-asfc.gc.ca
Certificate IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type ASCII text, with very long lines (65371)
Size 117 kB (117305 bytes)
Hash eedf9ee80c2faa4e1b9ab9017cdfcb88
ed29315e0ffb3f14382431f2724235bf67f44eb3
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
GET /bootstrap/3.3.4/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 12:23:32 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"eedf9ee80c2faa4e1b9ab9017cdfcb88"
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-cachedat: 08/04/2023 12:50:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 7e74c5fea2151758aaf7c8cf1f839c4a
cdn-cache: HIT
cf-cache-status: HIT
age: 672986
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 88096beeabc60b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/fonts
142.250.74.164301 Moved Permanently 0 B IP 142.250.74.164:443
Requested by https://a3cb6c8b.webmail-7hc.pages.dev/docc-file#alison.barrick@cbsa-asfc.gc.ca
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fonts HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a3cb6c8b.webmail-7hc.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-type: application/binary
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 12:23:33 GMT
location: https://fonts.google.com/
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-feeIdYnikZquqKRX2rs5gg' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy: same-origin-allow-popups
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=514=VLkFMNkv-RZjsKfvmaBAWbBo-2TctelkB0zgCMSzHpRz9wyGx_BZ6OTDiFljl4iA5kuoiRA43rSsddn_ix0D1WfhN0KSdrgieq8nzMgZnfS6UZoagr5lvCSGr4JOdwIP5oVl1_GsFsBzmNIxpcfizCWWnR0m_c9-VEB0Pn95pjc; expires=Thu, 07-Nov-2024 12:23:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2