firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 30 Sep 2022 09:16:05 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -mKoLzUhsXGMDbFL3PedVl7paBZcwaZTk3QdJpLIUGUgt7EwbOiLVQ==
Age: 2063
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3220
Expires: Fri, 30 Sep 2022 10:44:08 GMT
Date: Fri, 30 Sep 2022 09:50:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _sRtKYwtLZLZ-qDmtwDCejc2ZULziUedkurOrX1k13TfxmUyXRGZLA==
age: 15721
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 09:50:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/home.php?reason=1&trk=
200 OK 4.7 kB URL HTTP/1.1 www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/home.php?reason=1&trk=
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3498), with CRLF line terminators
Hash 1d0cab46208867f3a9ad8609249be99d
dd136866f67cee600084d78d7310a748dbaeee33
8492e183ba3c50062f1c236ed27d01ac34aec228a6abb3d8c54c29335687e256
GET /www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/home.php?reason=1&trk= HTTP/1.1
Host: www.formacion.accesodigital.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 09:50:28 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 30 Sep 2022 09:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 30 Sep 2022 09:59:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2yqcWt70m0-RwmNNSYEEZc5FwSBVhirhtpWOPirnKIx6fCntTg40iQ==
Age: 1256
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 86e0fe14ac54b7b9131a460fd65d73fd
49ec80657f4183e2ad7e906583b94cbf48a94809
9f30a1437666225f096d72763cf89a4e5ae9e5f501ffed4becc51b08c515cf6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 09:50:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP
File type ASCII text, with very long lines (32061)
Hash b90b3d2618cce9d766152cd3092b5c27
496339457cd00caab8118e2e1f30ea18dc05b9f4
b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.formacion.accesodigital.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 09:02:32 GMT
expires: Fri, 29 Sep 2023 09:02:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 89277
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/css/api.css
200 OK 1.9 kB URL HTTP/1.1 www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/css/api.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1915), with no line terminators
Hash 026e6ee29afc930eb3c325ef00e289c0
76d1cfed584bcdbac1272956c287fb2e0928315a
63a602d76f364623cb6477ff9237f60df0bd2c5948658207974864c1c2275793
GET /www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/css/api.css HTTP/1.1
Host: www.formacion.accesodigital.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/home.php?reason=1&trk=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 09:50:28 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 28 Mar 2020 04:35:34 GMT
Accept-Ranges: bytes
Content-Length: 1915
Keep-Alive: timeout=5, max=100
Content-Type: text/css
www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/js/config.js
200 OK 43 B URL HTTP/1.1 www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/js/config.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5fb5664122bd69d952107ac0d19178b5
93c9749d5924b753d6217db83d57717d59d663f9
e530ef443c682ca02cab15d939402ead8c7c060fcf676164efd4078508e510e6
Analyzer Verdict Alert fortinet Phishing
GET /www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/js/config.js HTTP/1.1
Host: www.formacion.accesodigital.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/home.php?reason=1&trk=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 09:50:28 GMT
Server: Apache
Last-Modified: Sat, 28 Mar 2020 06:57:14 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
200 OK 471 B IP
Hash f09cb223e3dc028c58cf32c2274c3766
ca7f1663a1200941986e786353ed2f3ff50bd0b2
9b89a5534b1a84f0a86f150dc7f1f699bb972f7b8e151b29c02454dd939066ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6097
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 09:50:29 GMT
Last-Modified: Fri, 30 Sep 2022 08:08:52 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 86e0fe14ac54b7b9131a460fd65d73fd
49ec80657f4183e2ad7e906583b94cbf48a94809
9f30a1437666225f096d72763cf89a4e5ae9e5f501ffed4becc51b08c515cf6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 09:50:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/css/pikaday.css
200 OK 3.4 kB URL HTTP/1.1 www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/css/pikaday.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (3271)
Hash c94817f47e0bc364eed460cacd0b56a8
9654600409e28f0d6016840afd07b1bff94120e0
0bf6bc6e7e66c9cfacaf824c257a091e908f00a134213c5c433e024729eddb3a
GET /www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/css/pikaday.css HTTP/1.1
Host: www.formacion.accesodigital.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/home.php?reason=1&trk=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 09:50:28 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 28 Mar 2020 04:37:38 GMT
Accept-Ranges: bytes
Content-Length: 3383
Keep-Alive: timeout=5, max=100
Content-Type: text/css
www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/js/framework.min.js
200 OK 34 kB URL HTTP/1.1 www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/js/framework.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31994)
Hash 0d6793d477095e3ee517dc42da751e40
e9ab9e980bf225c1f97b2032cc3cb848c3951a8a
687c54662b84844c54be2a5a39421290e7ccc05bc8298983d304f28af7e11083
Analyzer Verdict Alert fortinet Phishing
GET /www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/js/framework.min.js HTTP/1.1
Host: www.formacion.accesodigital.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/home.php?reason=1&trk=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 09:50:28 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 28 Mar 2020 06:56:36 GMT
Accept-Ranges: bytes
Content-Length: 34051
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AHnlbB/XHtC+QzNVUEHGHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: K905KA2Wvdn0VPDflijLQkuxV6M=
www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/css/style.css
200 OK 47 kB URL HTTP/1.1 www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/css/style.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (43311)
Hash 6af97716e34a6b40e4f871368790dd94
00f06d15fa45a413d0d214a735dce521a0921376
b40eea5338ffb4de44b8ced4bb257cf7ca0296537f8ce4772323c38c961eea80
GET /www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/css/style.css HTTP/1.1
Host: www.formacion.accesodigital.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/home.php?reason=1&trk=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 09:50:28 GMT
Server: Apache
Last-Modified: Sat, 28 Mar 2020 05:24:16 GMT
Accept-Ranges: bytes
Content-Length: 47000
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/images/icons/logo-.svg
200 OK 3.4 kB URL HTTP/1.1 www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/images/icons/logo-.svg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text
Hash 6ee9f4d2f35f5ccb2dbc3834c1b04f04
fd83e4f335757ad95764a73f27d5c832c1ed6ebe
2b9bfe0b66858de7bd07e103df964a3b18cc5802ec737d0cb6ebe686a4abff01
Analyzer Verdict Alert fortinet Phishing
GET /www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/images/icons/logo-.svg HTTP/1.1
Host: www.formacion.accesodigital.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/home.php?reason=1&trk=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 09:50:29 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2022 23:41:42 GMT
Accept-Ranges: bytes
Content-Length: 3399
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/images/icons/logow.svg
200 OK 3.7 kB URL HTTP/1.1 www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/images/icons/logow.svg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Hash ee5c8d9fb6248c938fd0dc19370e90bd
d01a22720918b781338b5bbf9202b241a5f99ee4
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Analyzer Verdict Alert fortinet Phishing
GET /www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/images/icons/logow.svg HTTP/1.1
Host: www.formacion.accesodigital.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/home.php?reason=1&trk=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 09:50:29 GMT
Server: Apache
Last-Modified: Tue, 28 Jul 2020 21:31:32 GMT
Accept-Ranges: bytes
Content-Length: 3651
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/js/bundle.min.js
200 OK 412 kB URL HTTP/1.1 www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/js/bundle.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (31985)
Size 412 kB (411857 bytes)
Hash b6bff6dd74ea04f80bb0a8ee56fa029b
edf7c3f3fd5debe7020202cdbdd90a5e9ed4c3df
43c812e91778bed6e73a73a0fde5fda61b793930ada817126abc015587f53a50
Analyzer Verdict Alert fortinet Phishing
GET /www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/js/bundle.min.js HTTP/1.1
Host: www.formacion.accesodigital.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/home.php?reason=1&trk=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 09:50:28 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 28 Mar 2020 06:56:54 GMT
Accept-Ranges: bytes
Content-Length: 411857
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript
www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/fonts/Roboto-Medium.woff2
200 OK 64 kB URL HTTP/1.1 www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/fonts/Roboto-Medium.woff2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 63800, version 2.0\012- data
Hash 86cae98350d9aaa601230e829707d83f
5cb23c2ac98be5b4e0fb8a97e28dda99ae76b8c7
2fea2f2aa913b7aa163f45c897a463ba47a00fba670f747ead3d73c44c0d61bd
Analyzer Verdict Alert fortinet Phishing
GET /www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/fonts/Roboto-Medium.woff2 HTTP/1.1
Host: www.formacion.accesodigital.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/css/style.css
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 09:50:29 GMT
Server: Apache
Last-Modified: Sat, 28 Mar 2020 07:13:52 GMT
Accept-Ranges: bytes
Content-Length: 63800
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/fonts/Roboto-Regular.woff2
200 OK 63 kB URL HTTP/1.1 www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/fonts/Roboto-Regular.woff2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 63156, version 2.0\012- data
Hash 38812f4ed9937a253927cd4a918c8540
5cdbe0a3b2ecefc9c25ccefa511cf8a781c78799
65de8a3e5c4e0307b538ebe97df4dbcae0303b7a7afc5753aba95c218ae33a8e
Analyzer Verdict Alert fortinet Phishing
GET /www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/fonts/Roboto-Regular.woff2 HTTP/1.1
Host: www.formacion.accesodigital.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/css/style.css
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 09:50:29 GMT
Server: Apache
Last-Modified: Sat, 28 Mar 2020 07:12:40 GMT
Accept-Ranges: bytes
Content-Length: 63156
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/images/background.jpg
200 OK 173 kB URL HTTP/1.1 www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/images/background.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1427 x 775, 8-bit/color RGBA, non-interlaced\012- data
Size 173 kB (173376 bytes)
Hash 5a5630622580061cfb9e3050ba391816
1a37925c8a676ca864e5c053d625afb6601c7e22
bfe9a03d65b7b90ef5378e9492515c6bd5b27793bc6d459a6fafdd15fddf1d5a
GET /www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/images/background.jpg HTTP/1.1
Host: www.formacion.accesodigital.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/home.php?reason=1&trk=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 09:50:29 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 25 Aug 2022 17:27:00 GMT
Accept-Ranges: bytes
Content-Length: 173376
Keep-Alive: timeout=5, max=100
Content-Type: image/jpeg
www.formacion.accesodigital.online/icewarpapi/
200 OK 2 B URL HTTP/1.1 www.formacion.accesodigital.online/icewarpapi/
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 9dd172a836334f81b8e77c6bdd621ba2
832abef04a64dc2d61130026ce6c2425c48c4f02
34a6225b83a638ed08f01ecdbf30cf0be3478ffdd36be92295fee92c5585d57c
Analyzer Verdict Alert fortinet Phishing
POST /icewarpapi/ HTTP/1.1
Host: www.formacion.accesodigital.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 354
Origin: http://www.formacion.accesodigital.online
Connection: keep-alive
Referer: http://www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/home.php?reason=1&trk=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 09:50:29 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3570
Expires: Fri, 30 Sep 2022 10:50:01 GMT
Date: Fri, 30 Sep 2022 09:50:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3570
Expires: Fri, 30 Sep 2022 10:50:01 GMT
Date: Fri, 30 Sep 2022 09:50:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3570
Expires: Fri, 30 Sep 2022 10:50:01 GMT
Date: Fri, 30 Sep 2022 09:50:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3a61a47-b3b8-4176-b9f5-9676cd6af7fc.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3a61a47-b3b8-4176-b9f5-9676cd6af7fc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92d42f7488d5bd64d79aff0b2161f5f5
59415987df0aeac28afe4f30f7a209e28c97cdbb
7e10344f60e9db2552d54e0cddc9807025681f9f8127b7861ad03fd1736dea5b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3a61a47-b3b8-4176-b9f5-9676cd6af7fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9364
x-amzn-requestid: c9abd230-42f8-425c-8684-7b0b7abebc57
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPd5REysIAMFbig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6336103b-7b1d7d022cc6e02c55dcf47f;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:38:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f36OEbSiY760VxlL9KX86GOW30ZIMjI-CAiG1vTkayPgsdnIRo8CNA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:43:51 GMT
age: 43600
etag: "59415987df0aeac28afe4f30f7a209e28c97cdbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d21d2bdcedbd619a80017054076319f9
86dd3bf133e9eddf8852f39e1ee695ee599ac886
fc5672d5a8e9c6a5ec531f7ba05b65c192af37edf6c3a48105df3685de44ec0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8059
x-amzn-requestid: f8bb9e4b-9f3c-47ba-8524-de16155e536d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNepwHAVoAMFvNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633544a4-5d884e29378635b60592b618;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 07:09:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NMiKZSkokVXNTV76vsVJ7VEu6YFfT9MqL7tHtT8CwZq0BwTbXOpm6Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 04:58:47 GMT
age: 17504
etag: "86dd3bf133e9eddf8852f39e1ee695ee599ac886"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg
200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13a12db696bc2bf6a6ea2f48f4c1428e
3481dce8ab711111fc8863d88bee1a887cfd43ac
6dae6c9e5de4146e1f528a36a1795225c9731385f13927fc001fb3f9842fe8f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5106
x-amzn-requestid: a906507c-8820-489c-9978-7d0fd026c862
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPd5PE0MIAMF3DA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6336103a-49eb3879088f17bc01d177c7;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: aeTAqh8D5whTHS3seyOUj7QCNaITUh2ekHG8vNWZlpSeAnqPuFzmcQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:46:34 GMT
age: 43437
etag: "3481dce8ab711111fc8863d88bee1a887cfd43ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/images/icons/logo--w.svg
200 OK 7.5 kB URL HTTP/1.1 www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/images/icons/logo--w.svg
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash ee3a3d6af3bf6185b8656a481143a39a
1c940a7ab4673fd98da69e5782b9f9617a319939
f873cda7fba9ba2e1fd3f06416e5d9d52a81dcbae30f6ade9f2cea96dc9fd43d
Analyzer Verdict Alert fortinet Phishing
GET /www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/images/icons/logo--w.svg HTTP/1.1
Host: www.formacion.accesodigital.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.formacion.accesodigital.online/www.microsoft.comen-usmicrosoft-365onedriveonedrive-for-business/webmail/home.php?reason=1&trk=
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 09:50:29 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b307b2d-4d65-4a44-bdc9-02e2eb3040fe.webp
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b307b2d-4d65-4a44-bdc9-02e2eb3040fe.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7660f52ff0ccc2805e4186bfaeb86f3
64012d0a87c77d8409fa1be7d8d29124a81e3206
c4c2c65c2f830c5820dd019ada07607e31d338b824e2d66f7b4449c1026e123b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b307b2d-4d65-4a44-bdc9-02e2eb3040fe.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6058
x-amzn-requestid: 5895a9dc-4ec5-41cb-b0fa-b3f47677affe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPda6H8toAMFz7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f78-0941b5457484dc0c534333e2;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1Raa8DphZfTmcxIv1z70MMHpeboGmlsoY7k24hpc4GvYqAv4x2NGZQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:05:17 GMT
age: 42314
etag: "64012d0a87c77d8409fa1be7d8d29124a81e3206"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2054ae778a3079d8233ee33045127df6
927d5a375d9607b23caadae148566fdff10147b1
6b33c83c2b78b413ae375966860e1a9c8aa8e28dee107f9dd5bb8ceb221e607a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9034
x-amzn-requestid: ccfaad8d-c270-491f-b0fa-ac56fb1ba14e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVJ_G2doAMFXqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633268a6-1599ec83051ceef5038d1296;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:06:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lJBttqTppgwf2GrKkC2zjd65WbmFZwJab-Hs4ZE0RdTMqwklavM-9A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 04:29:04 GMT
age: 19287
etag: "927d5a375d9607b23caadae148566fdff10147b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mail.traditionliving.org/owa/auth/15.1.2375/themes/resources/favicon.ico
200 OK 7.9 kB URL HTTP/2 mail.traditionliving.org/owa/auth/15.1.2375/themes/resources/favicon.ico
IP
File type MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash 759fade9033aa298629e4b000dcd6dde
34a1adf5c7326d7bde5b5735471b5d81e611c189
cf0808a61ec571e0c4975663903b288009d55502ac0445d9948983b339a5cf6e
Analyzer Verdict Alert urlquery Phishing - Microsoft Services
GET /owa/auth/15.1.2375/themes/resources/favicon.ico HTTP/1.1
Host: mail.traditionliving.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.formacion.accesodigital.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: image/x-icon
last-modified: Wed, 08 Sep 2021 19:07:51 GMT
accept-ranges: bytes
etag: "809dcbd1e4a4d71:0"
server: Microsoft-IIS/10.0
request-id: bc53b8a4-bd38-465c-adea-000baeabf53c
x-powered-by: ASP.NET
date: Fri, 30 Sep 2022 09:50:31 GMT
content-length: 7886
X-Firefox-Spdy: h2
162.214.198.158
93.184.220.29
23.36.76.226