82716742.virtualagro.ro/?serve=redirect&add_mail=ywrhdmlzqgnlywr2yw5jzwr0zwnolmnvbq0=
176.9.12.205302 Found 0 B URL HTTP/1.1 82716742.virtualagro.ro/?serve=redirect&add_mail=ywrhdmlzqgnlywr2yw5jzwr0zwnolmnvbq0=
IP 176.9.12.205:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Outlook
GET /?serve=redirect&add_mail=ywrhdmlzqgnlywr2yw5jzwr0zwnolmnvbq0= HTTP/1.1
Host: 82716742.virtualagro.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
X-Powered-By: PHP/7.4.12
Set-Cookie: PHPSESSID=a6e5b1dbfe8f300ccdd0edbe6abe59e6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Location: info.php?cmake=VGhpcyBpcyB_hbiBlbmNvZGVkIHN0&vmake=ab9c24
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Date: Sun, 02 Oct 2022 12:25:44 GMT
Server: LiteSpeed
Connection: Keep-Alive
firefox.settings.services.mozilla.com/v1/
18.164.68.15200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.164.68.15:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 12:03:10 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 78422fc9f2f4174ccb5edceac9b7f1f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: RvLI4h8MK9lcTWhuTuB4cFiVYIbSRluc5aeY42KOg9bg8OhR-omjRg==
Age: 1354
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4240
Expires: Sun, 02 Oct 2022 13:36:24 GMT
Date: Sun, 02 Oct 2022 12:25:44 GMT
Connection: keep-alive
82716742.virtualagro.ro/info.php?cmake=VGhpcyBpcyB_hbiBlbmNvZGVkIHN0&vmake=ab9c24
176.9.12.205200 OK 153 B URL HTTP/1.1 82716742.virtualagro.ro/info.php?cmake=VGhpcyBpcyB_hbiBlbmNvZGVkIHN0&vmake=ab9c24
IP 176.9.12.205:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with no line terminators
Hash 3bec4c715bc6f9f59e68d1bb157fdc42
266c5274f3c8044786a47bd6675803545403d6c8
8ef571ab92f5ea8a1dceeacf96752e7bd298fcaf94c8c7451d9015e074a39a08
GET /info.php?cmake=VGhpcyBpcyB_hbiBlbmNvZGVkIHN0&vmake=ab9c24 HTTP/1.1
Host: 82716742.virtualagro.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=a6e5b1dbfe8f300ccdd0edbe6abe59e6
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
X-Powered-By: PHP/7.4.12
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Length: 153
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Sun, 02 Oct 2022 12:25:44 GMT
Server: LiteSpeed
Connection: Keep-Alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.39200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.39:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 890956aa1c00640d3d3a57403fa234d0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 0lk3NyQpEqmDEFgLdiuqco-I6vo_CPNN7mTPD-JoHV-TOS8L5FzKkA==
age: 31948
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 12:25:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
82716742.virtualagro.ro/redirect.to.php?_Sk=00-07-92-29&spc=314e7f0331e8bcb7b53b751d059
176.9.12.205302 Found 0 B URL HTTP/1.1 82716742.virtualagro.ro/redirect.to.php?_Sk=00-07-92-29&spc=314e7f0331e8bcb7b53b751d059
IP 176.9.12.205:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.to.php?_Sk=00-07-92-29&spc=314e7f0331e8bcb7b53b751d059 HTTP/1.1
Host: 82716742.virtualagro.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82716742.virtualagro.ro/info.php?cmake=VGhpcyBpcyB_hbiBlbmNvZGVkIHN0&vmake=ab9c24
Cookie: PHPSESSID=a6e5b1dbfe8f300ccdd0edbe6abe59e6
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
X-Powered-By: PHP/7.4.12
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Location: https://login.i.antnues.com/aOvhrWFK#ywrhdmlzqgnlywr2yw5jzwr0zwnolmnvbq0=
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Date: Sun, 02 Oct 2022 12:25:44 GMT
Server: LiteSpeed
Connection: Keep-Alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.164.68.15200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.164.68.15:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 12:17:15 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 12:31:21 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 10941cc38a4a46e6d9b0644cce542a52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: k3HUhFeWUT6vIFef4iYZtktl5gy-MMmq79Eiyvk6sEF0kcKqMW3-pQ==
Age: 3172
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c0faadc9178feb503b9118d129324fc
7640972925d384b213cdc3a7bc42b3fc6a43e23d
5e70080e71c245a4208571491891a8116563ac7757960c4506c9bee6e3fb2744
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E70080E71C245A4208571491891A8116563AC7757960C4506C9BEE6E3FB2744"
Last-Modified: Sun, 02 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21553
Expires: Sun, 02 Oct 2022 18:24:58 GMT
Date: Sun, 02 Oct 2022 12:25:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5647
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 12:25:45 GMT
Last-Modified: Sun, 02 Oct 2022 10:51:38 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
login.i.antnues.com/aOvhrWFK
139.144.56.223302 Found 0 B URL HTTP/1.1 login.i.antnues.com/aOvhrWFK
IP 139.144.56.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aOvhrWFK HTTP/1.1
Host: login.i.antnues.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://82716742.virtualagro.ro/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Connection: close
Content-Type: text/html
Location: https://login.i.antnues.com/
Set-Cookie: aZyX=469a1b1c93c8951dd1259200d9e61a48c78e0a8f9dcff1ff0c5c9f3b1e1274c5; Path=/; Domain=i.antnues.com; Expires=Sun, 02 Oct 2022 13:25:45 GMT; Max-Age=3600
Transfer-Encoding: chunked
push.services.mozilla.com/
35.165.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wuf4Wu4HVIS1B0jadvSboA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +K6uEL2SJTeiGOG4d0FfLW8f+30=
login.i.antnues.com/
139.144.56.223302 Found 753 B IP 139.144.56.223:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash cf034b58a5374d3159aaab918be3d162
5659b2c39a2f8862d71fd87f64da12a92074dfcc
c1f0204a1c805fa8268e46397da2abd5772e89ceae1859618e53dc55596f8837
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: login.i.antnues.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://82716742.virtualagro.ro/
Connection: keep-alive
Cookie: aZyX=469a1b1c93c8951dd1259200d9e61a48c78e0a8f9dcff1ff0c5c9f3b1e1274c5
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Date: Sun, 02 Oct 2022 12:25:45 GMT
Expires: -1
Location: https://www.i.antnues.com/login
P3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: fpc=AgPVp_Gxw9FPrM1sOKoU5Do; Path=/; Expires=Tue, 01 Nov 2022 12:25:45 GMT; HttpOnly; Secure; SameSite=None
esctx=AQABAAAAAAD--DLA3VO7QrddgJg7WevroA5Fq4dbNWq8trsIeXD-ETMWOV48pV8x_ERCsBxc97SEnxLT4W-J-M4AS6bpAGbGpiX0h1CYJO0U9mSx83Wd4OMUg0yt_9XcFvwVdSgYDeweDKJdK-yG-1W7YNuintY9hdDhZXitej3KrxjPxMgjXiplZuCE85qlGJ1jnvKNQuxfytnTjgM5Jpq_kE2JutKCoBb3QeX0jmRH2t3BGEffsq9WsMf3ZYXd3_oRiHmi0U8gAA; Path=/; Domain=login.i.antnues.com; HttpOnly; Secure; SameSite=None
x-ms-gateway-slice=estsfd; Path=/; HttpOnly; Secure; SameSite=None
stsservicecookie=estsfd; Path=/; HttpOnly; Secure; SameSite=None
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Ms-Ests-Server: 2.1.13777.5 - NCUS ProdSlices
X-Ms-Request-Id: 25d26a4f-a317-41e8-acb5-4ba661654900
www.i.antnues.com/login
139.144.56.223302 Found 0 B IP 139.144.56.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /login HTTP/1.1
Host: www.i.antnues.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://82716742.virtualagro.ro/
Connection: keep-alive
Cookie: aZyX=469a1b1c93c8951dd1259200d9e61a48c78e0a8f9dcff1ff0c5c9f3b1e1274c5
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 02 Oct 2022 12:25:45 GMT
Location: https://login.i.antnues.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638003103462532508.NjUxMzg5OWQtMmVmNy00Zjc3LWFhMGEtYWI1MTA1NjA1ZGJmMjczYWJiYzMtMjM1ZC00NDJhLTg3ZTEtZDE0OTM5MmJjMzc3&ui_locales=en-US&mkt=en-US&state=AUtBJyLsFcXYzuo5hvFl_bbcoI9c1GxXFaa-AcXm0J6tne2UNlugnEbiASUle8nGcY3YGEOprQ-Ljkvpq8jd85zh2UegSPbs3q9rqHhPyqhYVL_WGiX4nk_7sROGhVms54L2HzgO4ioQN4Yncvs9Ni7deqxIzznlLzB43B7zgFXNK5vqGj_usBsnLbJIORjRN-wfwJJIl_vCBFg9_j0qHqHMre9HOgcQZOaw7Ta9pwTszhzGRSI7jf1ofu2iTQzAWgsK0mkQ_qoapGLY4BQhZg&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
Referrer-Policy: strict-origin-when-cross-origin
Request-Context: appId=
Set-Cookie: OH.DCAffinity=OH-eus; Path=/; Expires=Sun, 02 Oct 2022 20:25:46 GMT; HttpOnly; Secure; SameSite=None
OH.FLID=61e87d7a-6254-4c36-ac53-cc01110a7aaa; Path=/; Expires=Mon, 02 Oct 2023 12:25:46 GMT; HttpOnly; Secure; SameSite=None
OH.SID=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
.AspNetCore.OpenIdConnect.Nonce.-5Q4bgiTPw5dby0k9NCezXcMQ8x-eU4qTYStAd2N1EjcEYqZgdqcUxwwpljjyo6paUjyoqAq2ENkncrDs0rRX89BpSBFZGvJhY-3FRbcXSLp6O443fMO3WLSJQ9w6n_Q8dKZFJTQXfCCy9PH9QEaCJDuHOS1db_LVCTxJtUVffaLzeUTnv9ln7HDciB8JLL7AWctMncOfTGZTnYjnnTqKfnh5j9dxkCiOuXM1yhMO4YgSWu295sNDM2ZocgL5mI4=N; Path=/; Expires=Sun, 02 Oct 2022 12:40:46 GMT; HttpOnly; Secure; SameSite=None
.AspNetCore.Correlation.OpenIdConnectV2.vdvJtMkLU4yhbG3AofLn4Zxf_7Hb3K9SWaf0GW-6n-I=N; Path=/; Expires=Sun, 02 Oct 2022 12:40:46 GMT; HttpOnly; Secure; SameSite=None
MUID=3D32741724E86DF3121F662625BE6CAE; Path=/; Domain=i.antnues.com; Expires=Fri, 27 Oct 2023 12:25:46 GMT; Secure
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: CONFIG_NOCACHE
X-Msedge-Ref: Ref A: C0411A1D30B4448FB093A5CE473E9746 Ref B: ATL331000106011 Ref C: 2022-10-02T12:25:46Z
X-Ua-Compatible: IE=edge,chrome=1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2591
Expires: Sun, 02 Oct 2022 13:08:57 GMT
Date: Sun, 02 Oct 2022 12:25:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2591
Expires: Sun, 02 Oct 2022 13:08:57 GMT
Date: Sun, 02 Oct 2022 12:25:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2591
Expires: Sun, 02 Oct 2022 13:08:57 GMT
Date: Sun, 02 Oct 2022 12:25:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94d82ad8d70761f6ee1384b4183335f3
5d3389a965cfa45dab2202d89b40264368674e8a
ad495dc0ede3bfcbaebfd3bf2eb55fc5596cd7643a539e030ccce0b8a3bcf8dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8602
x-amzn-requestid: 89329169-bc7a-46b1-85fc-20383a85cae8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf9GxzoAMFg0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-27952f8357fa25c956b1cd72;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDfn3Xd8m6jaBrj_M9hs4dePku_eEhJbYv3NJSHjCdAWifhBkiKUhw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:21:15 GMT
age: 50671
etag: "5d3389a965cfa45dab2202d89b40264368674e8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2591
Expires: Sun, 02 Oct 2022 13:08:57 GMT
Date: Sun, 02 Oct 2022 12:25:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63464d04-a2f9-451b-a399-53362af292c5.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63464d04-a2f9-451b-a399-53362af292c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d99550eb468960005df780c03ab6ecfc
03111ce2048e8bc5be100ff3a746da2e664f8aab
9dcd18e02621fa95d846be7c951e7353f24aa68a282ee0b693e7e5da38c3cfcb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63464d04-a2f9-451b-a399-53362af292c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10679
x-amzn-requestid: fae3b86e-6f85-485f-81e4-22b7b17f30f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWRkYF2tIAMF-OQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338c94f-486c76da111696471e3905f2;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:12:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pe_QGNBoHXgRmbc9NTUXuTUrczTLo64vqrbJBn9YtzQgc8Db8b0MsA==
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 07:28:55 GMT
age: 17811
etag: "03111ce2048e8bc5be100ff3a746da2e664f8aab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9dddb9d84a16a3004821d89836b83dc3
087521979efd5936416fd7f030779fa5725f0a8f
a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:33 GMT
age: 52633
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6047192460abf4afd600948abb5e6ee1
6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:34 GMT
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
content-type: image/jpeg
age: 52632
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 27886
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edded48f558f739287a040151349ef67
d63b6ba630736d32c364b0e6a369274b2389b7ff
33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:36 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 52630
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
login.i.antnues.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638003103462532508.NjUxMzg5OWQtMmVmNy00Zjc3LWFhMGEtYWI1MTA1NjA1ZGJmMjczYWJiYzMtMjM1ZC00NDJhLTg3ZTEtZDE0OTM5MmJjMzc3&ui_locales=en-US&mkt=en-US&state=AUtBJyLsFcXYzuo5hvFl_bbcoI9c1GxXFaa-AcXm0J6tne2UNlugnEbiASUle8nGcY3YGEOprQ-Ljkvpq8jd85zh2UegSPbs3q9rqHhPyqhYVL_WGiX4nk_7sROGhVms54L2HzgO4ioQN4Yncvs9Ni7deqxIzznlLzB43B7zgFXNK5vqGj_usBsnLbJIORjRN-wfwJJIl_vCBFg9_j0qHqHMre9HOgcQZOaw7Ta9pwTszhzGRSI7jf1ofu2iTQzAWgsK0mkQ_qoapGLY4BQhZg&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
139.144.56.223200 OK 201 kB URL HTTP/1.1 login.i.antnues.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638003103462532508.NjUxMzg5OWQtMmVmNy00Zjc3LWFhMGEtYWI1MTA1NjA1ZGJmMjczYWJiYzMtMjM1ZC00NDJhLTg3ZTEtZDE0OTM5MmJjMzc3&ui_locales=en-US&mkt=en-US&state=AUtBJyLsFcXYzuo5hvFl_bbcoI9c1GxXFaa-AcXm0J6tne2UNlugnEbiASUle8nGcY3YGEOprQ-Ljkvpq8jd85zh2UegSPbs3q9rqHhPyqhYVL_WGiX4nk_7sROGhVms54L2HzgO4ioQN4Yncvs9Ni7deqxIzznlLzB43B7zgFXNK5vqGj_usBsnLbJIORjRN-wfwJJIl_vCBFg9_j0qHqHMre9HOgcQZOaw7Ta9pwTszhzGRSI7jf1ofu2iTQzAWgsK0mkQ_qoapGLY4BQhZg&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
IP 139.144.56.223:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (25277), with CRLF, LF line terminators
Size 201 kB (201405 bytes)
Hash d4b1f2f94e5e2a9de3c4ddbdb8e443df
482be992d0f576957d52d0273ecb1d206e925045
3feff29b95d558fedcf116f8df0da35a8ec769defcff848874d6505f71ac873e
GET /common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638003103462532508.NjUxMzg5OWQtMmVmNy00Zjc3LWFhMGEtYWI1MTA1NjA1ZGJmMjczYWJiYzMtMjM1ZC00NDJhLTg3ZTEtZDE0OTM5MmJjMzc3&ui_locales=en-US&mkt=en-US&state=AUtBJyLsFcXYzuo5hvFl_bbcoI9c1GxXFaa-AcXm0J6tne2UNlugnEbiASUle8nGcY3YGEOprQ-Ljkvpq8jd85zh2UegSPbs3q9rqHhPyqhYVL_WGiX4nk_7sROGhVms54L2HzgO4ioQN4Yncvs9Ni7deqxIzznlLzB43B7zgFXNK5vqGj_usBsnLbJIORjRN-wfwJJIl_vCBFg9_j0qHqHMre9HOgcQZOaw7Ta9pwTszhzGRSI7jf1ofu2iTQzAWgsK0mkQ_qoapGLY4BQhZg&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0 HTTP/1.1
Host: login.i.antnues.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://82716742.virtualagro.ro/
Connection: keep-alive
Cookie: aZyX=469a1b1c93c8951dd1259200d9e61a48c78e0a8f9dcff1ff0c5c9f3b1e1274c5; fpc=AgPVp_Gxw9FPrM1sOKoU5Do; esctx=AQABAAAAAAD--DLA3VO7QrddgJg7WevroA5Fq4dbNWq8trsIeXD-ETMWOV48pV8x_ERCsBxc97SEnxLT4W-J-M4AS6bpAGbGpiX0h1CYJO0U9mSx83Wd4OMUg0yt_9XcFvwVdSgYDeweDKJdK-yG-1W7YNuintY9hdDhZXitej3KrxjPxMgjXiplZuCE85qlGJ1jnvKNQuxfytnTjgM5Jpq_kE2JutKCoBb3QeX0jmRH2t3BGEffsq9WsMf3ZYXd3_oRiHmi0U8gAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; MUID=3D32741724E86DF3121F662625BE6CAE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Date: Sun, 02 Oct 2022 12:25:45 GMT
Expires: -1
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msauth.net>; rel=dns-prefetch, <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: buid=0.AQMAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevr2QRUpz_onJHzhaAW5gpMIUQbCZrCp_sJ2mXs_sB4H3qpl0L55EW-Ehhst0OsPq1DL1EIAvtPRnrSsusRYYDyURO2MfgNZ6x6jy9tlvbYXhcgAA; Path=/; Expires=Tue, 01 Nov 2022 12:25:46 GMT; HttpOnly; Secure; SameSite=None
fpc=AgPVp_Gxw9FPrM1sOKoU5Dq8Ae7AAQAAAEp6y9oOAAAA; Path=/; Expires=Tue, 01 Nov 2022 12:25:46 GMT; HttpOnly; Secure; SameSite=None
x-ms-gateway-slice=estsfd; Path=/; HttpOnly; Secure; SameSite=None
stsservicecookie=estsfd; Path=/; HttpOnly; Secure; SameSite=None
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Dns-Prefetch-Control: on
X-Ms-Clitelem: 1,0,0,,
X-Ms-Ests-Server: 2.1.13777.5 - NCUS ProdSlices
X-Ms-Request-Id: 1a56c5a4-69ce-4034-a221-debeb4a33c00
aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js
13.107.227.53200 OK 111 kB URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (64616)
Size 111 kB (111355 bytes)
Hash 25fafbc9bcfe9b49cdbf3ff4f2ee2bd5
76793da44af29d7e757fa9fa926dd35b2dd569a0
9a34deb91b46c14026d377ae47e7d87d5ac2c6ac9cdddc4e24ab298610e0aa62
GET /shared/1.0/content/js/ConvergedLogin_PCore_ZuzZ0B9zaPr4yfAbYf7RGA2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.i.antnues.com/
Origin: https://login.i.antnues.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 111355
content-type: application/x-javascript
content-encoding: gzip
content-md5: Jfr7ybz+m0nNvz/08u4r1Q==
last-modified: Fri, 02 Sep 2022 23:41:46 GMT
etag: 0x8DA8D3CB2C71735
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: ce1866f8-b01e-0000-3110-d23773000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0cy44YwAAAADWzAT74uSCSaNnoUf+5EIsRlJBMjMxMDUwNDE4MDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-azure-ref: 0S4M5YwAAAADIW66RRhpqRZ5jIdNsnWSDT1NMMjMxMDUwMjA1MDM3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
date: Sun, 02 Oct 2022 12:25:46 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
13.107.227.53200 OK 17 kB URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.i.antnues.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 17174
content-type: image/x-icon
content-md5: EuPayFgGHQiAI7K9SOL6lg==
last-modified: Sun, 18 Oct 2020 03:02:03 GMT
etag: 0x8D8731230C851A6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 923c5ee6-201e-0011-7012-d2ac53000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 02VQyYwAAAACk0UGFGSrzSbjg1+7u+JpXRlJBMjMxMDUwNDE4MDI3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-azure-ref: 0S4M5YwAAAACIl9j5v1RYSqPZYT5F14SlT1NMMjMxMDUwMjA1MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
date: Sun, 02 Oct 2022 12:25:47 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
13.107.227.53200 OK 20 kB URL HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (61177)
Hash f4adbf9c60a3ef95809a6008f6764d08
b55c98c403b111b494c1ece263dc06eabc0ab075
6a59a4f890ea26ef050b83d0722aafc3ad70ddbce706806381c4f159a5db7497
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.i.antnues.com/
X-Moz: prefetch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 19970
content-type: text/css
content-encoding: gzip
content-md5: 9K2/nGCj75WAmmAI9nZNCA==
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
etag: 0x8DA7650B37ACC3D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: d0999edf-901e-0046-7b56-d51e6e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0iNc4YwAAAAC8aM/ACi2zSoqsaNwIIF2QRlJBMjMxMDUwNDE4MDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-azure-ref: 0S4M5YwAAAADi0j/Y5JKFQ6anu4a5POyCT1NMMjMxMDUwMjA1MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
date: Sun, 02 Oct 2022 12:25:47 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_dcseeolyp_bhtl1lcmdobw2.js
13.107.227.53200 OK 14 kB URL HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_dcseeolyp_bhtl1lcmdobw2.js
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (32021)
Hash 27d5c62bb9976ad238170067974cd1d4
e2385d2173597c82ffbdf9551f0cbef321799b09
68d960604f379395e41221aa3aac803f32f816b969d9ffb1e5e3ad2279349d5d
GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_dcseeolyp_bhtl1lcmdobw2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.i.antnues.com/
X-Moz: prefetch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 13605
content-type: application/x-javascript
content-encoding: gzip
content-md5: J9XGK7mXatI4FwBnl0zR1A==
last-modified: Sat, 03 Sep 2022 02:17:03 GMT
etag: 0x8DA8D52642E065B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: b1848b04-b01e-0084-23eb-d1cc2e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0eXgyYwAAAAB4PmxG+iz9TJzYB028jbRKRlJBMjMxMDUwNDE4MDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-azure-ref: 0S4M5YwAAAAAC2jWErIbKTKa8vTJa912NT1NMMjMxMDUwMjA1MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
date: Sun, 02 Oct 2022 12:25:47 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_49afc9cacb9cfd40c503.js
13.107.227.53200 OK 5.5 kB URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_49afc9cacb9cfd40c503.js
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (14775)
Hash 18132af1bec5ec4533834a1ed9b233ae
6333f996d286e0c79be41d52e078de9a58ddf647
27b7605de18bde9dce7b7d855e8c548c4c3d1e83b61de3f0cbc5138e1b6ee61d
GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_49afc9cacb9cfd40c503.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.i.antnues.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 5529
content-type: application/x-javascript
content-encoding: gzip
content-md5: GBMq8b7F7EUzg0oe2bIzrg==
last-modified: Tue, 26 Jul 2022 23:52:03 GMT
etag: 0x8DA6F61D6ECB178
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: fcd1bd65-a01e-0025-6d1c-d2214a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0MYEyYwAAAAAg8kVAFQKEQIHFhTeedsG4RlJBMjMxMDUwNDE3MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-azure-ref: 0S4M5YwAAAABK3+P4XoOcTZePBaUlGuiZT1NMMjMxMDUwMjA1MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
date: Sun, 02 Oct 2022 12:25:47 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
13.107.227.53200 OK 2.7 kB URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 352 x 3\012- data
Hash 166de53471265253ab3a456defe6da23
17c6df4d7ccf1fa2c9efd716fbae0fc2c71c8d6d
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
GET /shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.i.antnues.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 2672
content-type: image/gif
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
last-modified: Fri, 17 Jan 2020 19:28:37 GMT
etag: 0x8D79B83739984DD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 8fc92bae-501e-0032-5212-d24066000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0fWkyYwAAAABrW5CKIAZGSodrpYJk7SMbRlJBMjMxMDUwNDE4MDI1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-azure-ref: 0S4M5YwAAAADPuMieQPgGQ6/i7OudlJl9T1NMMjMxMDUwMjA1MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
date: Sun, 02 Oct 2022 12:25:47 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
13.107.227.53200 OK 3.6 kB URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 352 x 3\012- data
Hash b540a8e518037192e32c4fe58bf2dbab
3047c1db97b86f6981e0ad2f96af40cdf43511af
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
GET /shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.i.antnues.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 3620
content-type: image/gif
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
last-modified: Fri, 17 Jan 2020 19:28:38 GMT
etag: 0x8D79B8373B17F89
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 0a8b8fbc-901e-0002-080b-d26177000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0pjE0YwAAAAAM05YgDGKKR6/bbPF4iSf9RlJBMjMxMDUwNDE4MDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-azure-ref: 0S4M5YwAAAACnErwQwyXRR4Vza7hH8GNbT1NMMjMxMDUwMjA1MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
date: Sun, 02 Oct 2022 12:25:47 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6b8fffaf21337fcc3970.js
13.107.227.53200 OK 32 kB URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6b8fffaf21337fcc3970.js
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (33036)
Hash 9b2ba0b90905402b0da85cef7af2e436
3751ef6b1a088aa49132b5e0d108037be750ced3
45d424f75fc4103008c354083723d72f85ba56347acac6e487026dba2b3f4149
GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6b8fffaf21337fcc3970.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.i.antnues.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 32176
content-type: application/x-javascript
content-encoding: gzip
content-md5: myuguQkFQCsNqFzvevLkNg==
last-modified: Mon, 15 Aug 2022 19:41:54 GMT
etag: 0x8DA7EF6352C5B49
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 52ee69a4-e01e-0075-4554-d14279000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0QaIyYwAAAAATa7PuQ927Q4ZCkHSsJpz3QU1TMDRFREdFMTgxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0S4M5YwAAAAA2DXB/sin1S71HLAT6Nmh8T1NMMjMxMDUwMjA1MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
date: Sun, 02 Oct 2022 12:25:47 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
13.107.227.53200 OK 673 B URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1864), with no line terminators
Hash 0e176276362b94279a4492511bfcbd98
389fe6b51f62254bb98939896b8c89ebeffe2a02
9a2c174ae45cac057822844211156a5ed293e65c5f69e1d211a7206472c5c80c
GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.i.antnues.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 673
content-type: image/svg+xml
content-encoding: gzip
content-md5: DhdidjYrlCeaRJJRG/y9mA==
last-modified: Wed, 12 Feb 2020 22:01:30 GMT
etag: 0x8D7B0071D86E386
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: d60e2286-301e-0024-2b0d-d20a48000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0RHYyYwAAAABqivR0S3eDS7nIoD+8quiERlJBMjMxMDUwNDE4MDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-azure-ref: 0S4M5YwAAAACNomy3hdNhT44uCWDENQpjT1NMMjMxMDUwMjA1MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
date: Sun, 02 Oct 2022 12:25:47 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
13.107.227.53200 OK 1.4 kB URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Hash 9f368bc4580fed907775f31c6b26d6cf
e393a40b3e337f43057eee3de189f197ab056451
7ecbba946c099539c3d9c03f4b6804958900e5b90d48336eea7e5a2ed050fa36
GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.i.antnues.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 1435
content-type: image/svg+xml
content-encoding: gzip
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
last-modified: Fri, 17 Jan 2020 19:28:38 GMT
etag: 0x8D79B8373CB2849
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: be898e47-801e-0037-604e-d0c76c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0SqIyYwAAAAAG1xVtYYxaRq1TeGekz6/CQU1TMDRFREdFMTgxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0S4M5YwAAAACy4b9guXwISJOeED9Uhk5zT1NMMjMxMDUwMjA1MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
date: Sun, 02 Oct 2022 12:25:47 GMT
X-Firefox-Spdy: h2
login.live.com/Me.htm?v=3
20.190.160.15200 OK 1.1 kB URL HTTP/1.1 login.live.com/Me.htm?v=3
IP 20.190.160.15:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (2345), with CRLF line terminators
Hash 9c08f0f5b411918572bb176b56d4b747
12814f1ffd1c414337cfc57da7561f4386ec8b67
d9f196403747ff4bbf6c3d61c7319f51e33be05825ac3b5200665e6e5ee26c0e
GET /Me.htm?v=3 HTTP/1.1
Host: login.live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.i.antnues.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=315360000
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Wed, 29 Sep 2032 12:25:47 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: 9688f0f9-c014-457b-90d8-664b00d745f6
PPServer: PPV: 30 H: BL02PF53AA677B1 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=8b7c04a59aa845f2b60ebf4609e90251; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPRequ=id=N<=1664713547&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Sun, 02 Oct 2022 12:25:47 GMT
Content-Length: 1132
aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
13.107.227.53200 OK 20 kB URL HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (61177)
Hash f4adbf9c60a3ef95809a6008f6764d08
b55c98c403b111b494c1ece263dc06eabc0ab075
6a59a4f890ea26ef050b83d0722aafc3ad70ddbce706806381c4f159a5db7497
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.i.antnues.com/
Origin: https://login.i.antnues.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 19970
content-type: text/css
content-encoding: gzip
content-md5: 9K2/nGCj75WAmmAI9nZNCA==
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
etag: 0x8DA7650B37ACC3D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: d0999edf-901e-0046-7b56-d51e6e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0iNc4YwAAAAC8aM/ACi2zSoqsaNwIIF2QRlJBMjMxMDUwNDE4MDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-azure-ref: 0UIM5YwAAAADr1W2Pub5bSK0lLoeuoRTCT1NMMjMxMDUwMjA1MDM3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
date: Sun, 02 Oct 2022 12:25:51 GMT
X-Firefox-Spdy: h2
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_dcseeolyp_bhtl1lcmdobw2.js
13.107.227.53200 OK 14 kB URL HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_dcseeolyp_bhtl1lcmdobw2.js
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (32021)
Hash 27d5c62bb9976ad238170067974cd1d4
e2385d2173597c82ffbdf9551f0cbef321799b09
68d960604f379395e41221aa3aac803f32f816b969d9ffb1e5e3ad2279349d5d
GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_dcseeolyp_bhtl1lcmdobw2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.i.antnues.com/
Origin: https://login.i.antnues.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 13605
content-type: application/x-javascript
content-encoding: gzip
content-md5: J9XGK7mXatI4FwBnl0zR1A==
last-modified: Sat, 03 Sep 2022 02:17:03 GMT
etag: 0x8DA8D52642E065B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: b1848b04-b01e-0084-23eb-d1cc2e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0eXgyYwAAAAB4PmxG+iz9TJzYB028jbRKRlJBMjMxMDUwNDE4MDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-azure-ref: 0UIM5YwAAAADAI5PzE7D/SI805PCBOPxST1NMMjMxMDUwMjA1MDM3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
date: Sun, 02 Oct 2022 12:25:51 GMT
X-Firefox-Spdy: h2