| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashec332b81a27117ce9c16b67a5a8e4fac b6d2afa2c859d000ad830d3d8d73f57bac6ffce2 1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19808
Expires: Tue, 21 Mar 2023 20:11:58 GMT
Date: Tue, 21 Mar 2023 14:41:50 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash00e304a3fc0c2f01af0e94fcefe0ca40 833969e75e5e13e823c8d97ee59a9821eb157ee3 c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17950
Expires: Tue, 21 Mar 2023 19:41:01 GMT
Date: Tue, 21 Mar 2023 14:41:51 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash4ad6984a756720fbfff47b37a75513a2 355e35258114452af8b9638985ed9d8ef3bf0aca 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 14:14:58 GMT
content-type: application/json
age: 1613
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash4e6141892ec4705c6a0134f3157b969d 4169fdea42b0fa9cb565e14b8e8fdb293575c78e 905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5912
Expires: Tue, 21 Mar 2023 16:20:23 GMT
Date: Tue, 21 Mar 2023 14:41:51 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashe7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: h0/cUMiI+Uz5PZeBLgHLRxlE5Dnuo3L0FztglKuyBZazngx7X8iznncvGTjgb5tujpsFO6BKX20=
x-amz-request-id: 1EYCC31BQVS3CY57
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 13:59:09 GMT
age: 2562
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 14:41:51 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Mar 2023 14:14:33 GMT
age: 1638
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash4c195a3fc0c2abb831630cef1dcfa770 eda338de3063640556177b9db364c33193d7f6dc c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13248
Expires: Tue, 21 Mar 2023 18:22:39 GMT
Date: Tue, 21 Mar 2023 14:41:51 GMT
Connection: keep-alive
|
|
| www.sectionsystems.com/wp-includes/login/office/outlook/authorize_client_id:3niqva4x-vywj-9l5c-pe48-ce17hrlvb862_m3pc5e8w0akzndg1h6ivtxlq2so4fr97bjuy940ut86zfjc27vasbix1ndq5wrp3egmhkylofecqgr70ulb5d6ni93tsk8xmhjz4ywa12opv/ | 192.185.54.248 | 302 Moved Temporarily | 6.8 kB |
URL HTTP/1.1www.sectionsystems.com/wp-includes/login/office/outlook/authorize_client_id:3niqva4x-vywj-9l5c-pe48-ce17hrlvb862_m3pc5e8w0akzndg1h6ivtxlq2so4fr97bjuy940ut86zfjc27vasbix1ndq5wrp3egmhkylofecqgr70ulb5d6ni93tsk8xmhjz4ywa12opv/ IP192.185.54.248:0 ASN#46606 UNIFIEDLAYER-AS-1
Hash7164ead188707baf30885b877eb15984 50caecc83d32863c98a5648dbafe35897f0aad7c 57e7f65314149931321291cd82371c8a3947284bb265a120264cb4b1a13d4a18
GET /wp-includes/login/office/outlook/authorize_client_id:3niqva4x-vywj-9l5c-pe48-ce17hrlvb862_m3pc5e8w0akzndg1h6ivtxlq2so4fr97bjuy940ut86zfjc27vasbix1ndq5wrp3egmhkylofecqgr70ulb5d6ni93tsk8xmhjz4ywa12opv/ HTTP/1.1
Host: www.sectionsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Date: Tue, 21 Mar 2023 14:41:50 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=c2657d67223c28f8b3e0bbbadea64ee4; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: /wp-includes/login/office/outlook/authorize_client_id:p12g3jlq-6f89-nr8s-6gyo-nek1mqwajyfc_lab2dtg3pzkxe7cshq1n9564moji0yfr8uwvzgnrdikbt2caypfe5hslx039uo814mwqv7j6i1792sadwtlr3jk04qzn5yu8pfegbohmxv6c?status=putuser
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6759
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
|
|
| push.services.mozilla.com/ | 54.218.212.249 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.218.212.249:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LtiRmsw9cxFkUc47fEg/rA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Lt+8zdQ2bMo9JG3eS8I++1VDJWc=
|
|
| www.sectionsystems.com/wp-includes/login/office/outlook/authorize_client_id:p12g3jlq-6f89-nr8s-6gyo-nek1mqwajyfc_lab2dtg3pzkxe7cshq1n9564moji0yfr8uwvzgnrdikbt2caypfe5hslx039uo814mwqv7j6i1792sadwtlr3jk04qzn5yu8pfegbohmxv6c?status=putuser | 192.185.54.248 | 200 OK | 6.8 kB |
URL HTTP/1.1www.sectionsystems.com/wp-includes/login/office/outlook/authorize_client_id:p12g3jlq-6f89-nr8s-6gyo-nek1mqwajyfc_lab2dtg3pzkxe7cshq1n9564moji0yfr8uwvzgnrdikbt2caypfe5hslx039uo814mwqv7j6i1792sadwtlr3jk04qzn5yu8pfegbohmxv6c?status=putuser IP192.185.54.248:0 ASN#46606 UNIFIEDLAYER-AS-1
Hash0adc1d7ca45c78fc5650fc771fd628c6 c7c07c6c88579814bb9d308a0b002b3a029faaa9 f17708099cfda16664f58c5e4a3d6208b0c2fc8054eec7320829fb60aa2ff007
GET /wp-includes/login/office/outlook/authorize_client_id:p12g3jlq-6f89-nr8s-6gyo-nek1mqwajyfc_lab2dtg3pzkxe7cshq1n9564moji0yfr8uwvzgnrdikbt2caypfe5hslx039uo814mwqv7j6i1792sadwtlr3jk04qzn5yu8pfegbohmxv6c?status=putuser HTTP/1.1
Host: www.sectionsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=c2657d67223c28f8b3e0bbbadea64ee4
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 14:41:51 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6756
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| www.sectionsystems.com/wp-includes/login/office/outlook/css/style.css | 192.185.54.248 | 200 OK | 24 kB |
URL HTTP/1.1www.sectionsystems.com/wp-includes/login/office/outlook/css/style.css IP192.185.54.248:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (65536), with no line terminators Hash4bed058d1b244d466c2e85ac40857848 bc141659ef5c904c9396963369af21c46df88871 dd92effc913cabac7f383cdd0d6ba2c5a17047489bf94d54095de428284f1198
GET /wp-includes/login/office/outlook/css/style.css HTTP/1.1
Host: www.sectionsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=c2657d67223c28f8b3e0bbbadea64ee4
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 14:41:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 14 Dec 2022 13:26:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
|
|
| www.sectionsystems.com/wp-includes/login/office/outlook/images/noacc.png | 192.185.54.248 | 200 OK | 1.6 kB |
URL HTTP/1.1www.sectionsystems.com/wp-includes/login/office/outlook/images/noacc.png IP192.185.54.248:0 ASN#46606 UNIFIEDLAYER-AS-1
File typePNG image data, 148 x 23, 8-bit/color RGBA, non-interlaced\012- data Hashd4ba6d3805381206e323ac3903d39f58 e83ba00accd6f22b655ae05d2232fa10d4a727c1 37b9fc582daf62db4435d5e57a767e9f66de99e8f9d138c7376b3c7c59a2e7be
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /wp-includes/login/office/outlook/images/noacc.png HTTP/1.1
Host: www.sectionsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=c2657d67223c28f8b3e0bbbadea64ee4
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 14:41:52 GMT
Server: Apache
Last-Modified: Wed, 14 Dec 2022 13:26:02 GMT
Accept-Ranges: bytes
Content-Length: 1589
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.sectionsystems.com/wp-includes/login/office/outlook/images/ellipsis_grey.svg | 192.185.54.248 | 200 OK | 915 B |
URL HTTP/1.1www.sectionsystems.com/wp-includes/login/office/outlook/images/ellipsis_grey.svg IP192.185.54.248:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeSVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (915), with no line terminators Hash2b5d393db04a5e6e1f739cb266e65b4c 6a435df5cac3d58ccad655fe022ccf3dd4b9b721 16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /wp-includes/login/office/outlook/images/ellipsis_grey.svg HTTP/1.1
Host: www.sectionsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=c2657d67223c28f8b3e0bbbadea64ee4
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 14:41:52 GMT
Server: Apache
Last-Modified: Wed, 14 Dec 2022 13:26:02 GMT
Accept-Ranges: bytes
Content-Length: 915
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/svg+xml
|
|
| www.sectionsystems.com/wp-includes/login/office/outlook/images/sigopt.png | 192.185.54.248 | 200 OK | 1.0 kB |
URL HTTP/1.1www.sectionsystems.com/wp-includes/login/office/outlook/images/sigopt.png IP192.185.54.248:0 ASN#46606 UNIFIEDLAYER-AS-1
File typePNG image data, 98 x 20, 8-bit/color RGBA, non-interlaced\012- data Hashd8354d11340e86f7b5508f16c99587bf 5eb7df94b8f7802b44db7e9d19067f974d83ae43 45bcfbb3d06eacae315e8f641dfcfa11af31da7d6a8e3dc002f00cbe193708e9
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /wp-includes/login/office/outlook/images/sigopt.png HTTP/1.1
Host: www.sectionsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=c2657d67223c28f8b3e0bbbadea64ee4
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 14:41:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 14 Dec 2022 13:26:02 GMT
Accept-Ranges: bytes
Content-Length: 1023
Keep-Alive: timeout=5, max=75
Content-Type: image/png
|
|
| www.sectionsystems.com/wp-includes/login/office/outlook/images/ellipsis_white.svg | 192.185.54.248 | 200 OK | 915 B |
URL HTTP/1.1www.sectionsystems.com/wp-includes/login/office/outlook/images/ellipsis_white.svg IP192.185.54.248:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeSVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (915), with no line terminators Hash5ac590ee72bfe06a7cecfd75b588ad73 dda2cb89a241bc424746d8cf2a22a35535094611 6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /wp-includes/login/office/outlook/images/ellipsis_white.svg HTTP/1.1
Host: www.sectionsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=c2657d67223c28f8b3e0bbbadea64ee4
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 14:41:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 14 Dec 2022 13:26:02 GMT
Accept-Ranges: bytes
Content-Length: 915
Keep-Alive: timeout=5, max=75
Content-Type: image/svg+xml
|
|
| www.sectionsystems.com/wp-includes/login/office/outlook/images/sigin2.png | 192.185.54.248 | 200 OK | 1.4 kB |
URL HTTP/1.1www.sectionsystems.com/wp-includes/login/office/outlook/images/sigin2.png IP192.185.54.248:0 ASN#46606 UNIFIEDLAYER-AS-1
File typePNG image data, 85 x 37, 8-bit/color RGBA, non-interlaced\012- data Hashe4956673cc7ad6849245798ed084f09b 63bf903b214a9366558cd253be16993d1aedde50 52437f983f1667f1d4043ea60d89e5f0f38acd4ca794eb77585b714490fbcea1
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /wp-includes/login/office/outlook/images/sigin2.png HTTP/1.1
Host: www.sectionsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=c2657d67223c28f8b3e0bbbadea64ee4
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 14:41:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 14 Dec 2022 13:26:02 GMT
Accept-Ranges: bytes
Content-Length: 1439
Keep-Alive: timeout=5, max=75
Content-Type: image/png
|
|
| www.sectionsystems.com/wp-includes/login/office/outlook/images/cantacces.png | 192.185.54.248 | 200 OK | 1.5 kB |
URL HTTP/1.1www.sectionsystems.com/wp-includes/login/office/outlook/images/cantacces.png IP192.185.54.248:0 ASN#46606 UNIFIEDLAYER-AS-1
File typePNG image data, 163 x 23, 8-bit/color RGBA, non-interlaced\012- data Hashd1e7a79d9f2c4db047cd94940e18d572 1b616e49df98516f4eac36234b16ab743b70400d 8f5537fcea8ad9835744175e3e6f04e5999c8fe1b98a032b7ffe8e1ce9835e58
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /wp-includes/login/office/outlook/images/cantacces.png HTTP/1.1
Host: www.sectionsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=c2657d67223c28f8b3e0bbbadea64ee4
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 14:41:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 14 Dec 2022 13:26:02 GMT
Accept-Ranges: bytes
Content-Length: 1510
Keep-Alive: timeout=5, max=75
Content-Type: image/png
|
|
| www.sectionsystems.com/wp-includes/login/office/outlook/api.php | 192.185.54.248 | 200 OK | 106 B |
URL HTTP/1.1www.sectionsystems.com/wp-includes/login/office/outlook/api.php IP192.185.54.248:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeJSON data\012- , ASCII text, with no line terminators Hash352c6c098be80597e9713f6a8df8d1ba 3badc2082e749dc0cc9df3d91887832486b26fd4 560624855b4753ebdebb9c1fbf49ce9bcd8cb421ce2a1080d5ecd95e017f7bc3
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
POST /wp-includes/login/office/outlook/api.php HTTP/1.1
Host: www.sectionsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 147
Origin: http://www.sectionsystems.com
Connection: keep-alive
Cookie: PHPSESSID=c2657d67223c28f8b3e0bbbadea64ee4
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 14:41:52 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 106
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| www.sectionsystems.com/wp-includes/login/office/outlook/images/putmail.png | 192.185.54.248 | 200 OK | 607 B |
URL HTTP/1.1www.sectionsystems.com/wp-includes/login/office/outlook/images/putmail.png IP192.185.54.248:0 ASN#46606 UNIFIEDLAYER-AS-1
File typePNG image data, 43 x 32, 8-bit/color RGBA, non-interlaced\012- data Hash0b4db4605ecbd62823723922d5b01abd 0053d4c4b491a9c0c630127dc001730e08fe20a2 4e50e37d29c6a3c1f0f1ae57cb0ccb78d2c2f518ad53d8df37f3baae76e9c08a
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /wp-includes/login/office/outlook/images/putmail.png HTTP/1.1
Host: www.sectionsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=c2657d67223c28f8b3e0bbbadea64ee4
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 14:41:52 GMT
Server: Apache
Last-Modified: Wed, 14 Dec 2022 13:26:02 GMT
Accept-Ranges: bytes
Content-Length: 607
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.sectionsystems.com/wp-includes/login/office/outlook/images/continue.png | 192.185.54.248 | 200 OK | 495 B |
URL HTTP/1.1www.sectionsystems.com/wp-includes/login/office/outlook/images/continue.png IP192.185.54.248:0 ASN#46606 UNIFIEDLAYER-AS-1
File typePNG image data, 110 x 34, 8-bit/color RGBA, non-interlaced\012- data Hashdc31e73948cb05800a773f42349bbcae 6e6451d7f91102c8ceaebe0e9fc25fe2b76e987f 97a4488434a10d406081498268d1c4452209922cf1c5802134ad9d3693c41112
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /wp-includes/login/office/outlook/images/continue.png HTTP/1.1
Host: www.sectionsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=c2657d67223c28f8b3e0bbbadea64ee4
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 14:41:52 GMT
Server: Apache
Last-Modified: Wed, 14 Dec 2022 13:26:02 GMT
Accept-Ranges: bytes
Content-Length: 495
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/png
|
|
| secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/microsoft_logo.png?x=ed9c9eb0dce17d752bedea6b5acda6d9 | 104.110.16.53 | 200 OK | 1.1 kB |
URL HTTP/1.1secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/microsoft_logo.png?x=ed9c9eb0dce17d752bedea6b5acda6d9 IP104.110.16.53:0
File typePNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced\012- data Hashed9c9eb0dce17d752bedea6b5acda6d9 eca56c4904354eed5da0debcd6bd66856ab4784d f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c
GET /ests/2.1.8148.16/content/images/microsoft_logo.png?x=ed9c9eb0dce17d752bedea6b5acda6d9 HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 1057
Content-Type: image/png
Content-MD5: 7ZyesNzhfXUr7eprWs2m2Q==
Last-Modified: Sat, 18 May 2019 23:34:32 GMT
Cache-Control: public, max-age=604800
Date: Tue, 21 Mar 2023 14:41:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *
|
|
| www.sectionsystems.com/wp-includes/login/office/outlook/images/inv-big-background.png | 192.185.54.248 | 200 OK | 175 kB |
URL HTTP/1.1www.sectionsystems.com/wp-includes/login/office/outlook/images/inv-big-background.png IP192.185.54.248:0 ASN#46606 UNIFIEDLAYER-AS-1
File typePNG image data, 1920 x 1080, 8-bit colormap, non-interlaced\012- data Size175 kB (174883 bytes) Hash62ddd263c8a6a4c9074e205b91182d04 1b56d11b012dd79dd99212ebb54adcfb60920a9d a59ea699d353d00ff2999111f9fa11fb73a47eda7800642609ca230560ea3703
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /wp-includes/login/office/outlook/images/inv-big-background.png HTTP/1.1
Host: www.sectionsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=c2657d67223c28f8b3e0bbbadea64ee4
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 14:41:52 GMT
Server: Apache
Last-Modified: Wed, 14 Dec 2022 13:26:02 GMT
Accept-Ranges: bytes
Content-Length: 174883
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.sectionsystems.com/wp-includes/login/office/outlook/images/favicon.ico | 192.185.54.248 | 200 OK | 1.2 kB |
URL HTTP/1.1www.sectionsystems.com/wp-includes/login/office/outlook/images/favicon.ico IP192.185.54.248:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Hash7cdd5a7e87e82d145e7f82358f9ebd04 265104cad00300e4094f8ce6a9edc86e54812ead 5d91563b6acd54468ae282083cf9ee3d2c9b2daa45a8de9cb661c2195b9f6cbf
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /wp-includes/login/office/outlook/images/favicon.ico HTTP/1.1
Host: www.sectionsystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=c2657d67223c28f8b3e0bbbadea64ee4
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 14:41:53 GMT
Server: Apache
Last-Modified: Wed, 14 Dec 2022 13:26:02 GMT
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=604800
Expires: Tue, 28 Mar 2023 14:41:53 GMT
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/x-icon
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashde95776582936b8e129e876cf6d80fa8 0233251e1cf0123f1260d980d7c8ef92718723f9 49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4555
Expires: Tue, 21 Mar 2023 15:57:48 GMT
Date: Tue, 21 Mar 2023 14:41:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashde95776582936b8e129e876cf6d80fa8 0233251e1cf0123f1260d980d7c8ef92718723f9 49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4555
Expires: Tue, 21 Mar 2023 15:57:48 GMT
Date: Tue, 21 Mar 2023 14:41:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashde95776582936b8e129e876cf6d80fa8 0233251e1cf0123f1260d980d7c8ef92718723f9 49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4555
Expires: Tue, 21 Mar 2023 15:57:48 GMT
Date: Tue, 21 Mar 2023 14:41:53 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf73dbc0fc3d196647ddc1e30450989d4 75d0a1414a5d350ba426dc37333a6ea131f66753 2a6954b3ccf01567c0c0c2911dd8b02c1cd264fc78178cef2eef6a6796c16c3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10855
x-amzn-requestid: bb845712-834d-49b1-97f0-f3750f132741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CEZD0GCHIAMFq6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418087e-4361bbd40ec5f0d10dabdf85;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 07:17:18 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: d81ObS_T4QBMAr1KU_lJ1hJC4FMqpJNCreDNuU481S4RZo3aQxMkaQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 6bdc2963c9ed59b475ec36c35e5932a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 07:20:22 GMT
age: 26491
etag: "75d0a1414a5d350ba426dc37333a6ea131f66753"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg | 34.120.237.76 | 200 OK | 4.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd0e5cb0b321323913460ba1efd6b7b63 701eb0eb86c6673bbb6e85cf933bea53187b6048 150d0e93b808b222fcb4b58f0f4a78a403517b84461cb3029fc71c30930bb11b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4712
x-amzn-requestid: 3c0b3a28-a1a9-4ba0-94ad-29156c2d83c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9yGEE8SIAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641563c0-1937b8bc1e42142720eddd7b;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:09:52 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: a-jsgTjZQKzBK_IFEYlrxbjpk6zou_7vbQe4ptwA1IOtUdlqDG2uWA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 13:27:42 GMT
age: 4451
etag: "701eb0eb86c6673bbb6e85cf933bea53187b6048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg | 34.120.237.76 | 200 OK | 8.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2a940b362660fdee25faaa51e08c439b 85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c 18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hZeMhs-Z5fNn0pvRUSkNcGau_K6EG9EQtDktbLUth0uEveafUgCxeQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:07:00 GMT
age: 59693
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe538277f72ecedd22d24c1012250fa9e 4bd955ea3790a6926486e3d56f51c712c56997d7 5f4d374598cfb1a78e7016ec3a0b563e61e7481be202c34b10c9fdfbfc7b638e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11336
x-amzn-requestid: 3aaca817-ebbc-449f-806c-d5a2a7559335
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWjFEmFIAMFqhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d146-435381723c24efc66eed6b4b;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:33:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: GIjvleZ9_Ylizb0wtrfvVrU8qtjVdojVpS3IGmBZaqtLha42eEMBJw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6af3b573d8970d5db2a4d03354335b84.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:17:11 GMT
age: 59082
etag: "4bd955ea3790a6926486e3d56f51c712c56997d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg | 34.120.237.76 | 200 OK | 6.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4e5f234aedfabd736b50fef3017380f9 71672a6c3523d9999522e005091863d07ea0e94a 3314df7a93e317d509aeffc1cde69ec450ddad116a27dc197db1abce966da344
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 82d12180-bdcb-4ce0-8588-4239ee27f236
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI_E_eoAMF3sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-2f5df7cd5f6cee4762703d29;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: sTt0-W1XE7yUFGFXg2nPnKw5tKKkrw-cH_TCIbQy8JL-k0QtCNZS8w==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:52:08 GMT
age: 60585
etag: "71672a6c3523d9999522e005091863d07ea0e94a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg | 34.120.237.76 | 200 OK | 7.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash302595cc68fe8cf12121d0f652b3194d e5532a3fed552246e8a63ea2ba75e174273a7b9f 6ca3599a9af06f51d4dc205d4ebd8f7f8b38c54864b6b478eac8c0d1adbc97c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7695
x-amzn-requestid: 1009077b-14aa-42e5-86f1-de94b8b2aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDETIHf8oAMFxEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641780e0-07bbb0376f1c1941731e00ba;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:38:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 02HknfEEVW-DU3f3sOQgfs_eL48pvEgV4ft__uRLXOFlDO5qX5tDsQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:49:06 GMT
age: 60767
etag: "e5532a3fed552246e8a63ea2ba75e174273a7b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|