275162346.xacomigo.com.br/978236355/aHR0cHM6Ly9lbnF1aXJlLWFzay5vbmxpbmUvP2VtYWlsPW1pY2hhZWwudmFuZGVyc25pY2tAbHlvbmRlbGxiYXNlbGwuY29t%3E
302 Moved Temporarily 0 B URL HTTP/1.1 275162346.xacomigo.com.br/978236355/aHR0cHM6Ly9lbnF1aXJlLWFzay5vbmxpbmUvP2VtYWlsPW1pY2hhZWwudmFuZGVyc25pY2tAbHlvbmRlbGxiYXNlbGwuY29t%3E
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /978236355/aHR0cHM6Ly9lbnF1aXJlLWFzay5vbmxpbmUvP2VtYWlsPW1pY2hhZWwudmFuZGVyc25pY2tAbHlvbmRlbGxiYXNlbGwuY29t%3E HTTP/1.1
Host: 275162346.xacomigo.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Date: Wed, 14 Sep 2022 10:55:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://enquire-ask.online/?email=michael.vandersnick@lyondellbasell.com
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11194
Expires: Wed, 14 Sep 2022 14:02:13 GMT
Date: Wed, 14 Sep 2022 10:55:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 10:09:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZvTmVOYPEwkJxIirfe5TTwOQXqKizhQJj6d8bgt_u3fssKghUNDRvA==
Age: 2769
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6HbY968yo4VCld7iNUUTJtjvb2WrVYsSvMbKTxE0zz3RnO_rq_QVPw==
age: 22824
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 10:55:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
enquire-ask.online/?email=michael.vandersnick@lyondellbasell.com
302 Found 0 B URL HTTP/1.1 enquire-ask.online/?email=michael.vandersnick@lyondellbasell.com
IP
ASN #30860 Virtual Systems LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /?email=michael.vandersnick@lyondellbasell.com HTTP/1.1
Host: enquire-ask.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Date: Wed, 14 Sep 2022 10:55:39 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=49e74dadc1586b1a55d02b98cf627d3c; path=/
Location: https://mail.office365.com/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
mail.office365.com/
301 Moved Permanently 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: mail.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Pragma: no-cache
Location: https://outlook.office365.com/owa/
Server: Microsoft-IIS/10.0
request-id: de294863-7aa7-adc6-24ca-ab813dae56f4
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-RequestId: 8163ff5a-402a-44e4-943a-365c1c989a4e
X-FEProxyInfo: OL1P279CA0060.NORP279.PROD.OUTLOOK.COM
X-FEEFZInfo: OSL
MS-CV: Y0gp3qd6xq0kyquBPa5W9A.0
X-Powered-By: ASP.NET
X-FEServer: OL1P279CA0060, OL1P279CA0060
Date: Wed, 14 Sep 2022 10:55:39 GMT
Connection: close
Content-Length: 0
outlook.office365.com/owa/
302 785 B URL HTTP/1.1 outlook.office365.com/owa/
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (713), with CRLF line terminators
Hash ada097dcdb6d90a014b7e8bc86a52946
a3b930ade366138709d6f42c65afada6a7123854
07bb8b78c0399117839619ef5f17a6e73546a5c4ff71908d9eed9c5cb1ad0c3c
GET /owa/ HTTP/1.1
Host: outlook.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ClientId=20F9061A678B49998243C512B145E828; OIDC=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302
Content-Length: 785
Content-Type: text/html; charset=utf-8
Location: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=079acd0e-97dd-971b-c497-af3313fb50b2&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637987497396118922.2e280efb-3959-4edc-a798-fb681b2724b2&state=DYtBEoAgCACxpueQiibwHCm8duz7cdg97SYA2IMtSCUEPBqrcFduOmoVJTrJSYovw6aXYvfnxhkRLhtSjZi6UYr3yO838w8
Server: Microsoft-IIS/10.0
request-id: 079acd0e-97dd-971b-c497-af3313fb50b2
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Alt-Svc: h3=":443",h3-29=":443"
X-CalculatedFETarget: SV0P279CU002.internal.outlook.com
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: RoutingKeyCookie=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.token.v1=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.token.v1=; domain=outlook.office365.com; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.id_token.v1=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.code.v1=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.id_token.v1=; domain=outlook.office365.com; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.code.v1=; domain=outlook.office365.com; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; domain=outlook.office365.com; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; domain=outlook.office365.com; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; domain=outlook.office365.com; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.nonce.v3.Mhoyg4dm6RWsfVNfGBarUWB1TVmYL2s9dMG9hqo31l8=637987497396118922.2e280efb-3959-4edc-a798-fb681b2724b2; expires=Wed, 14-Sep-2022 11:55:39 GMT; path=/;SameSite=None; secure; HttpOnly
HostSwitchPrg=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OptInPrg=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
SuiteServiceProxyKey=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
RoutingKeyCookie=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.token.v1=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.token.v1=; domain=outlook.office365.com; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.id_token.v1=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.code.v1=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.id_token.v1=; domain=outlook.office365.com; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.code.v1=; domain=outlook.office365.com; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.idp_nonce.v1=; domain=outlook.office365.com; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.idp_correlation_id=; domain=outlook.office365.com; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.tokenPostPath=; domain=outlook.office365.com; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OpenIdConnect.nonce.v3.Mhoyg4dm6RWsfVNfGBarUWB1TVmYL2s9dMG9hqo31l8=637987497396118922.2e280efb-3959-4edc-a798-fb681b2724b2; expires=Wed, 14-Sep-2022 11:55:39 GMT; path=/;SameSite=None; secure; HttpOnly
HostSwitchPrg=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
OptInPrg=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
SuiteServiceProxyKey=; expires=Mon, 14-Sep-1992 10:55:39 GMT; path=/; secure
X-OWA-RedirectHistory=ArLym14BiqVvqT-W2gg; expires=Wed, 14-Sep-2022 16:57:39 GMT; path=/;SameSite=None; secure; HttpOnly
X-CalculatedBETarget: SV0P279MB0139.NORP279.PROD.OUTLOOK.COM
X-BackEndHttpStatus: 302, 302
X-RUM-Validated: 1
X-Content-Type-Options: nosniff
X-BeSku: WCS6
X-OWA-DiagnosticsInfo: 1;0;0
X-IIDs: 0
X-BackEnd-Begin: 2022-09-14T10:55:39.611
X-BackEnd-End: 2022-09-14T10:55:39.611
X-DiagInfo: SV0P279MB0139
X-BEServer: SV0P279MB0139
X-UA-Compatible: IE=EmulateIE7
X-Proxy-RoutingCorrectness: 1
X-Proxy-BackendServerStatus: 302
X-FEProxyInfo: OS6P279CA0177.NORP279.PROD.OUTLOOK.COM
X-FEEFZInfo: OSL
Report-To: {"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=OSL"}],"include_subdomains":true}
NEL: {"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
X-FirstHopCafeEFZ: OSL
X-FEServer: SV0P279CA0019, OS6P279CA0177
Date: Wed, 14 Sep 2022 10:55:39 GMT
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 14 Sep 2022 10:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 10:03:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: x60T4e99eQvete2JYElQAOYFFNhPP8GJoMybR_bft3iY-9Eg9jmsZQ==
Age: 3137
login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=079acd0e-97dd-971b-c497-af3313fb50b2&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637987497396118922.2e280efb-3959-4edc-a798-fb681b2724b2&state=DYtBEoAgCACxpueQiibwHCm8duz7cdg97SYA2IMtSCUEPBqrcFduOmoVJTrJSYovw6aXYvfnxhkRLhtSjZi6UYr3yO838w8
200 OK 15 kB URL HTTP/1.1 login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=079acd0e-97dd-971b-c497-af3313fb50b2&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637987497396118922.2e280efb-3959-4edc-a798-fb681b2724b2&state=DYtBEoAgCACxpueQiibwHCm8duz7cdg97SYA2IMtSCUEPBqrcFduOmoVJTrJSYovw6aXYvfnxhkRLhtSjZi6UYr3yO838w8
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (18525), with CRLF, LF line terminators
Hash d61391b5982f61185f3f2eb417ecbe4a
92c0d5a6b5b66a0276042fa4e33334b69eb5f0c2
8df4417168ce66b7fa7ce01503cbdaf10ae97f45d7f7d0145aa4b2900e037c91
GET /common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=079acd0e-97dd-971b-c497-af3313fb50b2&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637987497396118922.2e280efb-3959-4edc-a798-fb681b2724b2&state=DYtBEoAgCACxpueQiibwHCm8duz7cdg97SYA2IMtSCUEPBqrcFduOmoVJTrJSYovw6aXYvfnxhkRLhtSjZi6UYr3yO838w8 HTTP/1.1
Host: login.microsoftonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: brcap=0; MSFPC=GUID=27491a5fca0c436896bdbf20a1588da0&HASH=2749&LV=202205&V=4&LU=1652883922743; ESTSSSOTILES=1; AADSSOTILES=1; buid=0.ASEAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrTNbsBAf551GZsUXgfEmJ7aE1dU5H0YdVvazUvFcypSdH8a0MAKQAbdDrgcOgZX7lX_FzuSddXIuUiQJWrmnXhvao29G44Hf0WExYI6ccKUcgAA; fpc=Aj_VkYJlqY5Fg6FYpjMznAWCeMQLAQAAAJ4ss9oOAAAA; clrc={%2219249%22%3a[%22+SjF/0ga%22%2c%22CWt5gt66%22]}
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msftauth.net>; rel=dns-prefetch, <https://aadcdn.msauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 37966a12-95d0-414a-9f03-c5f9ba5d4601
x-ms-ests-server: 2.1.13562.12 - WEULR2 ProdSlices
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 0
Set-Cookie: buid=0.ASEAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrsPuzdwZxt1LU5VxZULzHUNi6Z4QfhdbVNQlQlZBMdQAWjEI-F7VLBtD5eFs8ZrTZKj4FAf_9h6pYr4EP17-J-6nQzgriYSSjVY8pruQLvPAgAA; expires=Fri, 14-Oct-2022 10:55:39 GMT; path=/; secure; HttpOnly; SameSite=None
fpc=Aj_VkYJlqY5Fg6FYpjMznAWerOTJAQAAACuqs9oOAAAA; expires=Fri, 14-Oct-2022 10:55:39 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=AQABAAAAAAD--DLA3VO7QrddgJg7Wevrnx9J2OdGfQgcbhcMFvqpyzpR8JU6S7OqSmEY9pEna-t0BA9XUG4yIcZNNBNy-1_lFnxSgxOT-y8h9I4WrmuDr1acgPAJl2rgA1bjRdjEmR57s7v5tLJppi4_UrVehNckGhrwa4Y0RGs3vKtiZ3gZznec5SL9S3t0JuVKpciMTGggAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Wed, 14 Sep 2022 10:55:38 GMT
Content-Length: 14783
ocsp.digicert.com/
200 OK 471 B IP
Hash d3ac56507d17ffff5e8b486406985d68
17d26336cd8ea65af3f23db166945f1b3fbbfbab
e7e321340eed681c1269f715b0214e1511d5762fffbe930e7c157b800afa9a39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 527
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 10:55:40 GMT
Last-Modified: Wed, 14 Sep 2022 10:46:53 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
200 OK 20 kB URL HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
IP
File type ASCII text, with very long lines (61177)
Hash f4adbf9c60a3ef95809a6008f6764d08
b55c98c403b111b494c1ece263dc06eabc0ab075
6a59a4f890ea26ef050b83d0722aafc3ad70ddbce706806381c4f159a5db7497
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 3432803
cache-control: public, max-age=31536000
content-md5: 9K2/nGCj75WAmmAI9nZNCA==
content-type: text/css
date: Wed, 14 Sep 2022 10:55:40 GMT
etag: 0x8DA7650B375AC9B
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
server: ECAcc (ska/F7A0)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 5ecbd986-101e-0042-39ef-a82f4a000000
x-ms-version: 2009-09-19
content-length: 19970
X-Firefox-Spdy: h2
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_bhph9ke12cvmxsi_dgo3ow2.js
200 OK 14 kB URL HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_bhph9ke12cvmxsi_dgo3ow2.js
IP
File type Unicode text, UTF-8 text, with very long lines (32010)
Hash 192e44e15142fbeda91e071690a35f39
2161dbac5a584cd8fc344739ff7517f843ceae03
98b7dbb0146e81d4eaae8574bd859a5a0c5da5c915c0597655b39df7e667eb33
GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_bhph9ke12cvmxsi_dgo3ow2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 3379964
cache-control: public, max-age=31536000
content-md5: GS5E4VFC++2pHgcWkKNfOQ==
content-type: application/x-javascript
date: Wed, 14 Sep 2022 10:55:40 GMT
etag: 0x8DA767D6E669F99
last-modified: Fri, 05 Aug 2022 00:57:12 GMT
server: ECAcc (ska/F698)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c968fccc-501e-008f-1e6a-a91923000000
x-ms-version: 2009-09-19
content-length: 13529
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rEkixmwXrnf1ZoXlPzTPPA2.js
200 OK 111 kB URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rEkixmwXrnf1ZoXlPzTPPA2.js
IP
File type ASCII text, with very long lines (64616)
Size 111 kB (111291 bytes)
Hash 7cad802ba8c383aff82820006ec7a819
823420a6c6820775ec43b27cbdd05be44ba78cae
bf57d1a680c1b3c0d5700fc3269d3397b8b14c655fea98f864e0df518060d80c
GET /shared/1.0/content/js/ConvergedLogin_PCore_rEkixmwXrnf1ZoXlPzTPPA2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 3432808
cache-control: public, max-age=31536000
content-md5: fK2AK6jDg6/4KCAAbseoGQ==
content-type: application/x-javascript
date: Wed, 14 Sep 2022 10:55:40 GMT
etag: 0x8DA7652EDA85098
last-modified: Thu, 04 Aug 2022 19:52:57 GMT
server: ECAcc (ska/F6F2)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 65ef1048-a01e-0096-6aef-a87f29000000
x-ms-version: 2009-09-19
content-length: 111291
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
200 OK 17 kB URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 9188432
cache-control: public, max-age=31536000
content-md5: EuPayFgGHQiAI7K9SOL6lg==
content-type: image/x-icon
date: Wed, 14 Sep 2022 10:55:40 GMT
etag: 0x8D8731240E548EB
last-modified: Sun, 18 Oct 2020 03:02:30 GMT
server: ECAcc (ska/F738)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 99c0ded5-501e-0046-2297-74c4e6000000
x-ms-version: 2009-09-19
content-length: 17174
X-Firefox-Spdy: h2
outlook.office365.com/owa/prefetch.aspx
200 OK 1.2 kB URL HTTP/1.1 outlook.office365.com/owa/prefetch.aspx
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1188), with CRLF line terminators
Hash fbdb2ff4a8124f07a157ccfde92982a6
90e91ef76df2c657c53bc50e139f4f40ab94d27a
7aad7600925a8e11385cdfbbcb348b3ab1680e93a3d9e5ba9ff8b6b3317888b9
GET /owa/prefetch.aspx HTTP/1.1
Host: outlook.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Cookie: ClientId=A9C03415B6C342C289543A691C26EDC3; OIDC=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, no-store
Content-Length: 1236
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
request-id: dff2de0c-77b3-e41f-e3c5-d335dfaca716
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Alt-Svc: h3=":443",h3-29=":443"
X-CalculatedBETarget: OLAP279MB0086.NORP279.PROD.OUTLOOK.COM
X-BackEndHttpStatus: 200
Set-Cookie: OWAPF=v:15.20.5612.15&l:mouse; path=/
X-RUM-Validated: 1
X-Content-Type-Options: nosniff
X-BeSku: WCS6
X-OWA-Version: 15.20.5612.22
X-OWA-DiagnosticsInfo: 1;0;0
X-IIDs: 0
X-BackEnd-Begin: 2022-09-14T10:55:40.369
X-BackEnd-End: 2022-09-14T10:55:40.369
X-DiagInfo: OLAP279MB0086
X-BEServer: OLAP279MB0086
X-UA-Compatible: IE=EmulateIE7
X-Proxy-RoutingCorrectness: 1
Report-To: {"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=OSL"}],"include_subdomains":true}
NEL: {"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
X-Proxy-BackendServerStatus: 200
X-FirstHopCafeEFZ: OSL
X-FEProxyInfo: OL1P279CA0065.NORP279.PROD.OUTLOOK.COM
X-FEEFZInfo: OSL
X-FEServer: OL1P279CA0065
Date: Wed, 14 Sep 2022 10:55:39 GMT
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
200 OK 20 kB URL HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
IP
File type ASCII text, with very long lines (61177)
Hash f4adbf9c60a3ef95809a6008f6764d08
b55c98c403b111b494c1ece263dc06eabc0ab075
6a59a4f890ea26ef050b83d0722aafc3ad70ddbce706806381c4f159a5db7497
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
X-Moz: prefetch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 3432803
cache-control: public, max-age=31536000
content-md5: 9K2/nGCj75WAmmAI9nZNCA==
content-type: text/css
date: Wed, 14 Sep 2022 10:55:40 GMT
etag: 0x8DA7650B375AC9B
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
server: ECAcc (ska/F7A0)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 5ecbd986-101e-0042-39ef-a82f4a000000
x-ms-version: 2009-09-19
content-length: 19970
X-Firefox-Spdy: h2
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_bhph9ke12cvmxsi_dgo3ow2.js
200 OK 14 kB URL HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_bhph9ke12cvmxsi_dgo3ow2.js
IP
File type Unicode text, UTF-8 text, with very long lines (32010)
Hash 192e44e15142fbeda91e071690a35f39
2161dbac5a584cd8fc344739ff7517f843ceae03
98b7dbb0146e81d4eaae8574bd859a5a0c5da5c915c0597655b39df7e667eb33
GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_bhph9ke12cvmxsi_dgo3ow2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
X-Moz: prefetch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 3379964
cache-control: public, max-age=31536000
content-md5: GS5E4VFC++2pHgcWkKNfOQ==
content-type: application/x-javascript
date: Wed, 14 Sep 2022 10:55:40 GMT
etag: 0x8DA767D6E669F99
last-modified: Fri, 05 Aug 2022 00:57:12 GMT
server: ECAcc (ska/F698)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c968fccc-501e-008f-1e6a-a91923000000
x-ms-version: 2009-09-19
content-length: 13529
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TQcbnvC+VmCiHiBLCqun5g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uGmfeVJ7xJ1FmGu9wEgbO1ktkHk=
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_ce7e28197b4125ce53e0.js
200 OK 32 kB URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_ce7e28197b4125ce53e0.js
IP
File type ASCII text, with very long lines (33036)
Hash b855f7421a7f17b53afb06881e2ce978
0d497b0f9c4066689aeb8fa415ed4cc34be4f307
25732b6d9c39c4dbd3f67aeb2aea2998e7c3ee4470432d4f4521583ca0c3152b
GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_ce7e28197b4125ce53e0.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 3432807
cache-control: public, max-age=31536000
content-md5: uFX3Qhp/F7U6+waIHizpeA==
content-type: application/x-javascript
date: Wed, 14 Sep 2022 10:55:40 GMT
etag: 0x8DA7434D67D7930
last-modified: Tue, 02 Aug 2022 03:12:31 GMT
server: ECAcc (ska/F6D2)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: f3dc89da-901e-0041-54ef-a8dc2a000000
x-ms-version: 2009-09-19
content-length: 32173
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
200 OK 987 B URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.9], baseline, precision 8, 50x28, components 3\012- data
Hash e58aafc980614a9cd7796bea7b5ea8f0
d4cac92dcde0caf7c571e6d791101da94fdbd2ca
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
GET /shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 9270851
cache-control: public, max-age=31536000
content-md5: 5YqvyYBhSpzXeWvqe16o8A==
content-type: image/jpeg
date: Wed, 14 Sep 2022 10:55:40 GMT
etag: 0x8D7D287001BC861
last-modified: Fri, 27 Mar 2020 19:42:36 GMT
server: ECAcc (ska/F737)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 68e644ac-901e-0047-47d7-733aeb000000
x-ms-version: 2009-09-19
content-length: 987
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg
200 OK 18 kB URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg
IP
File type JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Hash 7916a894ebde7d29c2cc29b267f1299f
78345ca08f9e2c3c2cc9b318950791b349211296
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3
GET /shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 9359913
cache-control: public, max-age=31536000
content-md5: eRaolOvefSnCzCmyZ/Epnw==
content-type: image/jpeg
date: Wed, 14 Sep 2022 10:55:40 GMT
etag: 0x8D7D2870015D3DE
last-modified: Fri, 27 Mar 2020 19:42:36 GMT
server: ECAcc (ska/F690)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 6f67de8a-901e-0060-1807-735c76000000
x-ms-version: 2009-09-19
content-length: 17453
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
200 OK 5.1 kB URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
IP
File type PNG image data, 342 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 8b36337037cff88c3df203bb73d58e41
1ada36fa207b8b96b2a5f55078bfe2a97acead0e
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898
GET /shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 20962836
cache-control: public, max-age=31536000
content-md5: izYzcDfP+Iw98gO7c9WOQQ==
content-type: image/png
date: Wed, 14 Sep 2022 10:55:40 GMT
etag: 0x8D7AF695D6C58F2
last-modified: Wed, 12 Feb 2020 03:12:17 GMT
server: ECAcc (ska/F7B7)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 1f2d1853-901e-0004-6380-093529000000
x-ms-version: 2009-09-19
content-length: 5139
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
200 OK 1.4 kB URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Hash 9f368bc4580fed907775f31c6b26d6cf
e393a40b3e337f43057eee3de189f197ab056451
7ecbba946c099539c3d9c03f4b6804958900e5b90d48336eea7e5a2ed050fa36
GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 20961078
cache-control: public, max-age=31536000
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
content-type: image/svg+xml
date: Wed, 14 Sep 2022 10:55:40 GMT
etag: 0x8D79A1B9F5E121A
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (ska/F7B5)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 88a9f18f-c01e-0086-2c84-09c001000000
x-ms-version: 2009-09-19
content-length: 1435
X-Firefox-Spdy: h2
r4.res.office365.com/owa/prem/15.20.5612.15/scripts/boot.worldwide.0.mouse.js
200 OK 180 kB URL HTTP/2 r4.res.office365.com/owa/prem/15.20.5612.15/scripts/boot.worldwide.0.mouse.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (59783), with CRLF line terminators
Size 180 kB (179692 bytes)
Hash 7107c752f3901d95bdc4e9d46ac2b6d8
747a0d933dc2ef38a98fa11a44ba661ec6a5eae3
c4a5ecaf090da5f8115afcf0d4b723810054ecf3de31acc5ea6d48f9eb2d4111
GET /owa/prem/15.20.5612.15/scripts/boot.worldwide.0.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://outlook.office365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Tue, 06 Sep 2022 22:50:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 179692
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 14 Sep 2022 10:55:40 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r4.res.office365.com/owa/prem/15.20.5612.15/scripts/boot.worldwide.1.mouse.js
200 OK 163 kB URL HTTP/2 r4.res.office365.com/owa/prem/15.20.5612.15/scripts/boot.worldwide.1.mouse.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size 163 kB (163086 bytes)
Hash e8e90ea74afb3c2e067828c093fc86b1
cdc77987b351dc36f67d2d72d9bb59f17bfd49e0
411cbbad8d2c64f927321e1a825bf15860e2a7757688b4b445cdec041a1c497a
GET /owa/prem/15.20.5612.15/scripts/boot.worldwide.1.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://outlook.office365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Tue, 06 Sep 2022 22:50:43 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 163086
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 14 Sep 2022 10:55:40 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r4.res.office365.com/owa/prem/15.20.5612.15/scripts/boot.worldwide.2.mouse.js
200 OK 170 kB URL HTTP/2 r4.res.office365.com/owa/prem/15.20.5612.15/scripts/boot.worldwide.2.mouse.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size 170 kB (169702 bytes)
Hash 1e37d6bba254c3ff7f57d369bfffb5ee
3815e368af2c284735837ee7facbbfc9a7627e59
d3b62817e50c0a8e046612ec81463e9613eda09be666c511992f556550195852
GET /owa/prem/15.20.5612.15/scripts/boot.worldwide.2.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://outlook.office365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Tue, 06 Sep 2022 22:50:43 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 169702
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 14 Sep 2022 10:55:40 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r4.res.office365.com/owa/prem/15.20.5612.15/scripts/boot.worldwide.3.mouse.js
200 OK 146 kB URL HTTP/2 r4.res.office365.com/owa/prem/15.20.5612.15/scripts/boot.worldwide.3.mouse.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size 146 kB (145619 bytes)
Hash bac54154cb7ee7259633e02a7a4fa114
23f91aa87a91460719dbcd028823e7d77df37d90
5f2a24e3702d337eaf0954c1a3c34298350a3089c31815c6ce70be1fcd0d32b8
GET /owa/prem/15.20.5612.15/scripts/boot.worldwide.3.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://outlook.office365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Tue, 06 Sep 2022 22:50:43 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 14 Sep 2022 10:55:40 GMT
content-length: 145619
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r4.res.office365.com/owa/prem/15.20.5612.15/resources/images/0/sprite1.mouse.png
200 OK 132 B URL HTTP/2 r4.res.office365.com/owa/prem/15.20.5612.15/resources/images/0/sprite1.mouse.png
IP
File type PNG image data, 600 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 3eda15637afeac6078f56c9dcc9bbdb8
97b900884183cb8cf99ba069eedc280c599c1b74
68c66d144855ba2bc8b8bee88bb266047367708c1e281a21b9d729b1fbd23429
GET /owa/prem/15.20.5612.15/resources/images/0/sprite1.mouse.png HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://outlook.office365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 132
content-type: image/png
last-modified: Tue, 06 Sep 2022 23:02:22 GMT
server: AkamaiNetStorage
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 14 Sep 2022 10:55:40 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
200 OK 621 B URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1592), with no line terminators
Hash 4761405717e938d7e7400bb15715db1e
76fed7c229d353a27db3257f5927c1eaf0ab8de9
f7ed91a1dab5bb2802a7a3b3890df4777588ccbe04903260fba83e6e64c90ddf
GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 8071655
cache-control: public, max-age=31536000
content-md5: R2FAVxfpONfnQAuxVxXbHg==
content-type: image/svg+xml
date: Wed, 14 Sep 2022 10:55:40 GMT
etag: 0x8D8852A740F01B9
last-modified: Tue, 10 Nov 2020 03:41:05 GMT
server: ECAcc (ska/F695)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 61d031c2-901e-008e-5cbf-7ee72e000000
x-ms-version: 2009-09-19
content-length: 621
X-Firefox-Spdy: h2
r4.res.office365.com/owa/prem/15.20.5612.15/resources/images/0/sprite1.mouse.css
200 OK 288 B URL HTTP/2 r4.res.office365.com/owa/prem/15.20.5612.15/resources/images/0/sprite1.mouse.css
IP
File type ASCII text, with very long lines (994), with no line terminators
Hash d5376db145bd802d6dc34b453e38db2d
a33794e22b790cefae0b1427244ddbf60aef74e6
4e5c1ba33900bd8b05d2bef342bdd037c240d27207ef878b2b87d252dfc30cfc
GET /owa/prem/15.20.5612.15/resources/images/0/sprite1.mouse.css HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://outlook.office365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
last-modified: Tue, 06 Sep 2022 23:02:23 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 14 Sep 2022 10:55:40 GMT
content-length: 288
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r4.res.office365.com/owa/prem/15.20.5612.15/resources/styles/0/boot.worldwide.mouse.css
200 OK 44 kB URL HTTP/2 r4.res.office365.com/owa/prem/15.20.5612.15/resources/styles/0/boot.worldwide.mouse.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 820f40594a0e8d5f9d58546208aa9060
e17ed5116a34c432013a244c979ac9da53829d74
f8f708049e1e1609af3959cd21eaf313c8192d3e962887a7a2e1f9b353d3fc80
GET /owa/prem/15.20.5612.15/resources/styles/0/boot.worldwide.mouse.css HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://outlook.office365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
last-modified: Tue, 06 Sep 2022 23:03:19 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 14 Sep 2022 10:55:40 GMT
content-length: 44144
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4689
Expires: Wed, 14 Sep 2022 12:13:50 GMT
Date: Wed, 14 Sep 2022 10:55:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4689
Expires: Wed, 14 Sep 2022 12:13:50 GMT
Date: Wed, 14 Sep 2022 10:55:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4689
Expires: Wed, 14 Sep 2022 12:13:50 GMT
Date: Wed, 14 Sep 2022 10:55:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4689
Expires: Wed, 14 Sep 2022 12:13:50 GMT
Date: Wed, 14 Sep 2022 10:55:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg
200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7be52d818b206e064541ef4f4b0786b
7674123112859fd79ee9214c5308ad6a5e4ed015
bb011cf1e3c97c42f22c0553b64c23f120fa52d4bc7b56b5bde5678226aff0ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16980
x-amzn-requestid: f6211d45-1e26-49a6-8c46-412d8714501c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIvUHPwoAMFzFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87fb-00d053687671af6214ea6ba9;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:02:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1ZhWlfWQgEMpTF4Nrnc3RTN71UZICYJTNpVNUvEsurjMDp2e8mta4Q==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 00:10:59 GMT
age: 38682
etag: "7674123112859fd79ee9214c5308ad6a5e4ed015"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf118ca5-e4f8-4e97-a3c2-87e36a56e609.jpeg
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf118ca5-e4f8-4e97-a3c2-87e36a56e609.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b20499b3b8ef7b8ee73bd8b27e8c0c16
744a852e9357455d55e72809841411258fec44a9
457c8a9e4974a9529fa852b37f7ffc083e0eac987fe47aaebda808bf9f9f2941
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf118ca5-e4f8-4e97-a3c2-87e36a56e609.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9270
x-amzn-requestid: bba505a1-bbba-4d14-ad3a-1f72c028cc43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLj-YGaOIAMFeOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ae6c2-08d743cc73070f6653991180;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 07:09:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N0iUxQripFCaFLbMsp-lsFOMHDKzQUW3AHaWMyzOK9NGyAz5weDbvg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 23:28:34 GMT
age: 41227
etag: "744a852e9357455d55e72809841411258fec44a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363e6209-41ce-41be-bd4b-698c502410aa.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363e6209-41ce-41be-bd4b-698c502410aa.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 69d287fa3fde0ea0ad5ac42fc708fb7d
e93a0bcbb4d394a087a6fd2a95e31cd371186433
5bb5a92d6498fee73ada8b2b8cf79ca4f6a7cd7ce35bab9b877870a847f212cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363e6209-41ce-41be-bd4b-698c502410aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8523
x-amzn-requestid: facc0fcf-fc31-4c49-bf47-4992b0496f5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yav8AG1cIAMFmiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f9e6-3a07501574e592610dcd9d83;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:45:10 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wcReDELKUTdZfqKTbFNpzczrdUcvdH4XZGvajfVlcNduwLyHPfFpiw==
via: 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:00:47 GMT
etag: "e93a0bcbb4d394a087a6fd2a95e31cd371186433"
content-type: image/jpeg
age: 46494
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ur-HTN2DS8b3ojSQldJOZi6YW2wtCwRfbGqxg49ZUJ_00hC_rFxYEw==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:51:32 GMT
age: 47049
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56811a1a20a467464e1f3da171ef8b14
366b2090d409d694b72b4b4131df46dd65d69c5a
4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yP22CSG5x3BVfq29UMdw30TZcvuaL-kUDgjBZDUEMpRVDWqlZrCgdQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:42:05 GMT
age: 47616
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fef8234ab83f6f8f8b29665f592cbc9f
a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7
569c8c9736026fc310e148d4d74081e96a86245baaa1f784280d44a1cbd25ed0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14151
x-amzn-requestid: d5bc9be4-af3a-40fd-bfc9-1ac4769d2d3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GhboAMF2dA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-375df72d2d67582635b9e4ae;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CZRpgjU_AxNYoyeSTOwhJhONl2DS4pvCLJ62RgAFp0flw-kPz3GkpQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:48:11 GMT
age: 47250
etag: "a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
162.241.61.184
52.97.230.178
20.190.159.1
62.182.86.190
93.184.220.29