r.enterprisemanagement360.com/mk/cl/f/3OoaAV7OAdHyirqNWIf1vp1ibsuUHXAC3Gwiu90ANfEoYg6XG8oybE8GPaPuqRhX6pvqUUexiTRwETzdeoeqwrwbLYxswLjfRqvu7HOQm0Vcv_6JX9cjyJEPBVL59DpwRZV7l-fw3jBt5guD4pbY6brDn5I0iVDttCRbGTscfrplKyAJdxwPaMUPLBgLGhjodz6_0tgNYg7XKgGZPzrL-M1n0QezGn23lym6aPb8VLqHvY3bHTGt2QCxMYrDXcjRLP3rYIiwFqrcsCZhpA
200 OK 705 B URL HTTP/1.1 r.enterprisemanagement360.com/mk/cl/f/3OoaAV7OAdHyirqNWIf1vp1ibsuUHXAC3Gwiu90ANfEoYg6XG8oybE8GPaPuqRhX6pvqUUexiTRwETzdeoeqwrwbLYxswLjfRqvu7HOQm0Vcv_6JX9cjyJEPBVL59DpwRZV7l-fw3jBt5guD4pbY6brDn5I0iVDttCRbGTscfrplKyAJdxwPaMUPLBgLGhjodz6_0tgNYg7XKgGZPzrL-M1n0QezGn23lym6aPb8VLqHvY3bHTGt2QCxMYrDXcjRLP3rYIiwFqrcsCZhpA
IP
ASN #200484 Sendinblue SAS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d5a65bc70aa9cc33b7cbe9c8175369af
3c5fa338e1c1c6bd38436f1c98947d1092597079
770f25502600bed9e03e04769c7506ae3e7afbbbc67a46f3c6a84022a68b64d3
Analyzer Verdict Alert fortinet Phishing
GET /mk/cl/f/3OoaAV7OAdHyirqNWIf1vp1ibsuUHXAC3Gwiu90ANfEoYg6XG8oybE8GPaPuqRhX6pvqUUexiTRwETzdeoeqwrwbLYxswLjfRqvu7HOQm0Vcv_6JX9cjyJEPBVL59DpwRZV7l-fw3jBt5guD4pbY6brDn5I0iVDttCRbGTscfrplKyAJdxwPaMUPLBgLGhjodz6_0tgNYg7XKgGZPzrL-M1n0QezGn23lym6aPb8VLqHvY3bHTGt2QCxMYrDXcjRLP3rYIiwFqrcsCZhpA HTTP/1.1
Host: r.enterprisemanagement360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
content-length: 705
date: Thu, 22 Dec 2022 11:32:46 GMT
content-type: text/html; charset=utf-8
x-sib-server: srv-pr-online-rancher-worker-48.onl.51b.tech
x-content-type-options: nosniff
x-xss-protection: 1
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 048cda18c6dbe7c4e4b106f5e1104b0a
1bd6f3367ccf446263b00ad8c1ece15a4164730b
66a680d9b8e454db94e14d2c4a466891e538b2d83ccee0dc65be62163992b4e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66A680D9B8E454DB94E14D2C4A466891E538B2D83CCEE0DC65BE62163992B4E0"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12058
Expires: Thu, 22 Dec 2022 14:53:44 GMT
Date: Thu, 22 Dec 2022 11:32:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 04c14564c7083355371e41c5a09acada
ea488e34661be5420c798c7e26f193b4dee7bb37
d7e5c37d8e6cbed236670d050f84f288539642f7a41a54b0abd39357f7c42232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7E5C37D8E6CBED236670D050F84F288539642F7A41A54B0ABD39357F7C42232"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18060
Expires: Thu, 22 Dec 2022 16:33:46 GMT
Date: Thu, 22 Dec 2022 11:32:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 22 Dec 2022 10:46:02 GMT
content-type: application/json
age: 2804
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 32167242c3bbe7e45a2a865279df94a6
d03436f418ff77d50a553daa892c05e0725ba908
d5578d537296da18f3f349a98465e9fe930dca60a8ed62c183e9c9f6eb53f493
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5578D537296DA18F3F349A98465E9FE930DCA60A8ED62C183E9C9F6EB53F493"
Last-Modified: Wed, 21 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11099
Expires: Thu, 22 Dec 2022 14:37:45 GMT
Date: Thu, 22 Dec 2022 11:32:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: h6H0G619QqWN96E+oxgd8zCa5cTsIHOJuBjBFPdwLCwn/JeLcT0FCtvESob9ImtUBur7QGAuOPM=
x-amz-request-id: GHXW59NYY5P1ZWEG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 22 Dec 2022 10:53:37 GMT
age: 2349
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Dec 2022 11:32:46 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r.enterprisemanagement360.com/favicon.ico
200 OK 0 B URL HTTP/1.1 r.enterprisemanagement360.com/favicon.ico
IP
ASN #200484 Sendinblue SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: r.enterprisemanagement360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.enterprisemanagement360.com/mk/cl/f/3OoaAV7OAdHyirqNWIf1vp1ibsuUHXAC3Gwiu90ANfEoYg6XG8oybE8GPaPuqRhX6pvqUUexiTRwETzdeoeqwrwbLYxswLjfRqvu7HOQm0Vcv_6JX9cjyJEPBVL59DpwRZV7l-fw3jBt5guD4pbY6brDn5I0iVDttCRbGTscfrplKyAJdxwPaMUPLBgLGhjodz6_0tgNYg7XKgGZPzrL-M1n0QezGn23lym6aPb8VLqHvY3bHTGt2QCxMYrDXcjRLP3rYIiwFqrcsCZhpA
HTTP/1.1 200 OK
server: nginx
date: Thu, 22 Dec 2022 11:32:46 GMT
content-type: image/x-icon
content-length: 0
last-modified: Mon, 15 Mar 2021 05:49:45 GMT
etag: "604ef579-0"
accept-ranges: bytes
x-sib-server: srv-pr-online-rancher-worker-22.onl.51b.tech
x-content-type-options: nosniff
x-xss-protection: 1
ocsp.digicert.com/
200 OK 278 B IP
Hash d741ceb280916c99ece17797263ad3f3
7d711ae1d90f912809783831460e1f28b3fba5f3
3d00b6c95f3e1872925e175ae5890ec1bcd288f4c5f000812f0524dd4806fbc6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5549
Cache-Control: max-age=158456
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 11:32:46 GMT
Etag: "63a3f2a9-116"
Expires: Sat, 24 Dec 2022 07:33:42 GMT
Last-Modified: Thu, 22 Dec 2022 06:01:13 GMT
Server: ECS (amb/6B89)
X-Cache: HIT
Content-Length: 278
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 22 Dec 2022 10:33:24 GMT
age: 3563
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash cff20ca4dd87c32f3b02bc98c76ef742
f47ef2f88db963dded5df4ba8f1a6737f146cc35
712579e96ec63cbcf51d8b6f33bdb6d6d9baeb858e3662e009ed08553fbdefc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6184
Cache-Control: max-age=161578
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 11:32:47 GMT
Etag: "63a3fc61-117"
Expires: Sat, 24 Dec 2022 08:25:45 GMT
Last-Modified: Thu, 22 Dec 2022 06:42:41 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash ea09573012d47bab6ebd6495881b16cd
1f64666bc1d15212f7d968873f9b5ac3fa4eac6a
d8bb5ea55a8d595fe516496eb0b68f011d9c79933feeb145adeb04489300df9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 588
Cache-Control: max-age=127562
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 11:32:47 GMT
Etag: "63a38d5d-117"
Expires: Fri, 23 Dec 2022 22:58:49 GMT
Last-Modified: Wed, 21 Dec 2022 22:49:01 GMT
Server: ECS (amb/6B89)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 471 B IP
Hash 70a7b165f99b2b8fa0dc98318a7158d7
4d924f7febab9c8fe3fe9199e8879fd6ad892575
c5e0e414c34f2f328b487ae72b21a12a1b50d952aa1a31fb6314b4e700d27e05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5989
Cache-Control: max-age=170032
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 11:32:47 GMT
Etag: "63a41e2a-1d7"
Expires: Sat, 24 Dec 2022 10:46:39 GMT
Last-Modified: Thu, 22 Dec 2022 09:06:50 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WQQd1cWQa27l7csKZlojrQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Vgoz4l57blPVF3pSPbjqLT8i6NA=
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 487f216856b40c19fa218224da025b4c
b2b3aa866546f16630d88a76716101a28b01bf9b
47ff4e184a22d64d70c317b0b011f06abf75b7809b395c116453c63958dc785f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116910
Date: Thu, 22 Dec 2022 11:32:47 GMT
Etag: "63a3660d-1d7"
Expires: Fri, 23 Dec 2022 20:01:17 GMT
Last-Modified: Wed, 21 Dec 2022 20:01:17 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Uk0fjjwBvibqDWpGSSXVA8bFdMH4jSOCm-ncUNFL_Bjn9sJlCmhLRQ==
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3687
Expires: Thu, 22 Dec 2022 12:34:15 GMT
Date: Thu, 22 Dec 2022 11:32:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3687
Expires: Thu, 22 Dec 2022 12:34:15 GMT
Date: Thu, 22 Dec 2022 11:32:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3687
Expires: Thu, 22 Dec 2022 12:34:15 GMT
Date: Thu, 22 Dec 2022 11:32:48 GMT
Connection: keep-alive
sibautomation.com/cm.html?id=2990350
200 OK 11 kB URL HTTP/2 sibautomation.com/cm.html?id=2990350
IP
Hash 347a85c714ec3f9befd5bb7c82b578fc
75ac4b3300c4bc18e8e5e6f82799e989a51ec279
68e02b095e0d612816dddabc5f453e2eb47acc0c8f88d26618e4cfe611537549
GET /cm.html?id=2990350 HTTP/1.1
Host: sibautomation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://r.enterprisemanagement360.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 11:32:47 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-apo-via: origin,host
x-powered-by: Sails <sailsjs.com>
server-timing: cf-q-config;dur=7.9999990703072e-06
access-control-allow-origin: *
x-sib-server: SENDINBLUE-web2-2
x-content-type-options: nosniff
x-xss-protection: 1
last-modified: Thu, 22 Dec 2022 11:32:47 GMT
cf-cache-status: MISS
expires: Thu, 22 Dec 2022 13:32:47 GMT
cache-control: public, max-age=7200
server: cloudflare
cf-ray: 77d889f1c8a5b4ff-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
sibautomation.com/cdn-cgi/rum?
200 OK 8.9 kB URL HTTP/2 sibautomation.com/cdn-cgi/rum?
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd72f58a8fdce6925df77081a95c951b
625acc5e8257f47f745fd5a1b5d43d10f2df0d81
20f5fcc7bd72d44b0fff58e12b4ab025082e55e2d86e2bd48d740f091b84a86a
POST /cdn-cgi/rum? HTTP/1.1
Host: sibautomation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1384
Origin: https://sibautomation.com
Connection: keep-alive
Referer: https://sibautomation.com/cm.html?id=2990350
Cookie: uuid=ffca2c07-0395-4f08-8360-5058ad085621
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 11:32:47 GMT
server: cloudflare
cf-ray: 77d889f52c72b4ff-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65e2add8-ea05-4111-9858-24c4f0d437a5.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65e2add8-ea05-4111-9858-24c4f0d437a5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1aa2fe21cd79bf1faaac0272119678d0
d23357441546e2f09f28f23407c81a52c01b9a22
ea050bbd73c13bcbac664baa5ae51a92277e1b1d1b8e7b0a4e18b46b4d20f3e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65e2add8-ea05-4111-9858-24c4f0d437a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8433
x-amzn-requestid: 4fed41bb-f868-49cd-820a-2dadcd2baace
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabuOHIBIAMF04w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d98e-46ab81065bf0f6d157b16b13;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:37:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: guDXekCSbwPS-EwHHTdEyLjAI0KW3nrOMs3X80AE2TBrL1TsICefPg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 22:09:35 GMT
age: 48193
etag: "d23357441546e2f09f28f23407c81a52c01b9a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F020f9a0a-f0e6-4b4c-aa40-f2788e5007d7.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F020f9a0a-f0e6-4b4c-aa40-f2788e5007d7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a2a40e121fc91e779158e1395135871
beebb96a4e26034793c852f6f3d0cc619bf8dc19
1129a52b0c6dd430dfce26d3275b37b0893c10dbd2c2b6db45221e152af919d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F020f9a0a-f0e6-4b4c-aa40-f2788e5007d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12322
x-amzn-requestid: d11986d3-8476-4276-8375-f9bbce1b50ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhBhKFj9oAMFzeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a37c6d-1d77ed97092ba81607a12976;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 21:36:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BjyKUh5EcAOWy2t99HpXeCKVd1dSOR9O-AdQxxFqpY-ldj0b0sQJ_g==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 21:53:14 GMT
age: 49174
etag: "beebb96a4e26034793c852f6f3d0cc619bf8dc19"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg
200 OK 2.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac396f580b50a626abbeb37c0ec5f005
626262a7313aeb54bcdbcaf682f73d9ff4a4cfcb
3546f7a2be3f578ad9d8b8f57b89a69b6ece9b08da63fb9448e5e6dde4d3332c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2054
x-amzn-requestid: 5072b75c-7455-45cc-a35e-be7e0ed77496
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabqhHE6IAMFrxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d976-026c95822615b2550edb00e7;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:36:54 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: XxmrTTAq667e3H9thY8MDXLqO2QWJXuLKm0YvmyNm96fd8DTs8tvwQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 22:01:18 GMT
age: 48690
etag: "626262a7313aeb54bcdbcaf682f73d9ff4a4cfcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5dd6622433d537fbb91a04bd3b57d873
552f216608b819b4f65f0574e421f4a761f0d721
5e9b03133d928378a775ab52ec6e58cd7753aa2975a4966534353c0d6bc46af5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11471
x-amzn-requestid: 20d9459a-710b-4fcf-bfce-9f0c5f513740
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dbNEqGPnoAMFcDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a12884-4a93ab9047181db109d328e2;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 03:14:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: qFwWS-f0U1hSbrFFgBiGNzXRvZyvR90n_MI7jfYfWsyv2W6jH8D-9w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 03:23:59 GMT
age: 29329
etag: "552f216608b819b4f65f0574e421f4a761f0d721"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sibautomation.com/cdn-cgi/rum?
200 OK 0 B URL HTTP/2 sibautomation.com/cdn-cgi/rum?
IP
POST /cdn-cgi/rum? HTTP/1.1
Host: sibautomation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 506
Origin: https://sibautomation.com
Connection: keep-alive
Referer: https://sibautomation.com/cm.html?id=2990350
Cookie: uuid=ffca2c07-0395-4f08-8360-5058ad085621
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 11:32:55 GMT
server: cloudflare
cf-ray: 77d88a267b34b4ff-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sibautomation.com
Connection: keep-alive
Referer: https://sibautomation.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 11:32:47 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 77d889f46c6c0afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
185.107.232.127
93.184.220.29
143.204.42.156
104.18.34.145
95.101.11.115