| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7a57f620f4b5b83c5c9520e881269446 d46ca3756afc5d9775c1e48c78b39d11574d507a 8417deae76018365ad55aabd7950ed99f429e02c3915626137695f90c955215b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8417DEAE76018365AD55AABD7950ED99F429E02C3915626137695F90C955215B"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17184
Expires: Sat, 25 Feb 2023 21:39:03 GMT
Date: Sat, 25 Feb 2023 16:52:39 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8083775b7a6637d27672cc4a2581fa2d 023420d026fbf2cd0f69d5606524094011375202 66664ed1d36948fe99498950e3525d03c1797689c9186c4cd0bd5ded531b3bac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66664ED1D36948FE99498950E3525D03C1797689C9186C4CD0BD5DED531B3BAC"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14447
Expires: Sat, 25 Feb 2023 20:53:26 GMT
Date: Sat, 25 Feb 2023 16:52:39 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash7f03faaba3392caae6dae54467bfdf6d 57ea1f14e8bfbcca8190c706d708c9fda12442c1 02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Feb 2023 16:12:29 GMT
content-type: application/json
age: 2410
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash29cfccb9238759ed21dbb0d92cae75f8 f41ad1b02e353cd2b33af7618c71cc16fae2886e 91e392e78e584e8a82762dab0d5615aa1af3893237d601db3d45bb6fad488580
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91E392E78E584E8A82762DAB0D5615AA1AF3893237D601DB3D45BB6FAD488580"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4116
Expires: Sat, 25 Feb 2023 18:01:15 GMT
Date: Sat, 25 Feb 2023 16:52:39 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashb5ba6334e73496995e3e3a9ecd0eb323 ad80d3b7718c28364e8c2004fb38a13a1747e462 aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0dAkuX6+tws11mZPKwLOrPdhDlwRTOFVEHsaMp/BZid8BbJvuXoucJ37hueSD2V0bS+7k4NrU1k=
x-amz-request-id: 59A7FK08VPQ6GJ9J
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Feb 2023 16:13:21 GMT
age: 2358
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash16862ba46de936d89d6b499d6c84f6b5 7c39a9b302babb8df57246387a700d8b40509444 db1389955840aba33f95a172b110411802fb48833fc58dc7f32bfdcddbe5f9db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1389955840ABA33F95A172B110411802FB48833FC58DC7F32BFDCDDBE5F9DB"
Last-Modified: Fri, 24 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Sat, 25 Feb 2023 22:52:38 GMT
Date: Sat, 25 Feb 2023 16:52:39 GMT
Connection: keep-alive
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 16:52:39 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Cache-Control, Backoff, Pragma, Expires, Last-Modified, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Feb 2023 16:12:23 GMT
age: 2416
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashb1d73c7d1e3e594a7be10b7ac62176ac 46105f3b581c409f00524674825c08343e4d71d1 7b31674705946d30e1822ddca8008520258d81a32cb11fadeded012dac2b0d13
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B31674705946D30E1822DDCA8008520258D81A32CB11FADEDED012DAC2B0D13"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18574
Expires: Sat, 25 Feb 2023 22:02:13 GMT
Date: Sat, 25 Feb 2023 16:52:39 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 54.148.84.125 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.148.84.125:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: odh+DVFD2P1Ayy9lt33CUw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bx8djdRKtZbCb7F8jTk0Npo4NjY=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashc930829bdcc2bf23ff3014e5dd21f270 7e175882efd19d1649537da3c2c2e70833558d87 c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17548
Expires: Sat, 25 Feb 2023 21:45:09 GMT
Date: Sat, 25 Feb 2023 16:52:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashc930829bdcc2bf23ff3014e5dd21f270 7e175882efd19d1649537da3c2c2e70833558d87 c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17548
Expires: Sat, 25 Feb 2023 21:45:09 GMT
Date: Sat, 25 Feb 2023 16:52:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashc930829bdcc2bf23ff3014e5dd21f270 7e175882efd19d1649537da3c2c2e70833558d87 c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17548
Expires: Sat, 25 Feb 2023 21:45:09 GMT
Date: Sat, 25 Feb 2023 16:52:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashc930829bdcc2bf23ff3014e5dd21f270 7e175882efd19d1649537da3c2c2e70833558d87 c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17548
Expires: Sat, 25 Feb 2023 21:45:09 GMT
Date: Sat, 25 Feb 2023 16:52:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashc930829bdcc2bf23ff3014e5dd21f270 7e175882efd19d1649537da3c2c2e70833558d87 c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17548
Expires: Sat, 25 Feb 2023 21:45:09 GMT
Date: Sat, 25 Feb 2023 16:52:41 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6d50cc-511f-4cf2-9587-269ed2b5bf7a.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6d50cc-511f-4cf2-9587-269ed2b5bf7a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash18ac490500cba961f269960b7549824f 8a9c31653ea1e5265867e6de2d302a44555aa109 97af3735bb13e722bf0c0e50f9770b4bba8acfa7a6a8cf7da0804b6383cc49af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6d50cc-511f-4cf2-9587-269ed2b5bf7a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10191
x-amzn-requestid: a95f6d17-3c71-4a96-ab75-aa931c6b5d62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AoE-KE4qoAMF4cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f31b8d-38ce714b31f1fc795cd1f438;Sampled=0
x-amzn-remapped-date: Mon, 20 Feb 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: o-B-6u5o8WXHCdiXyCvSLiVa12h_a_YA_OujBP_ZaZ2NJ4EPKT9dxQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Feb 2023 22:25:36 GMT
age: 66425
etag: "8a9c31653ea1e5265867e6de2d302a44555aa109"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F852f08d0-4a83-4677-b377-76b142ad7809.jpeg | 34.120.237.76 | 200 OK | 9.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F852f08d0-4a83-4677-b377-76b142ad7809.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash39c96c987141e7fd26794720cb5e404e 1f653fa921331acfe500fba81419fa493087ff0b d208290a18dea1dd2197b29b14cc5a2579ad6037bb09b58cb3df6c4da51c272a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F852f08d0-4a83-4677-b377-76b142ad7809.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9030
x-amzn-requestid: b58cb7ae-a7fb-4a65-9c13-2840a2004289
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9JnGA9oAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbd6-5a548466075d66e10fe6f3b3;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:34:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q6S0LDEUkXL-EIl2WVK-tJJJWo3U5NAlObE8vI--ais0g6vSNeRNSA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Feb 2023 22:28:16 GMT
age: 66265
etag: "1f653fa921331acfe500fba81419fa493087ff0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6f1ddfc-3a0b-4aad-9b54-9381aef68a03.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6f1ddfc-3a0b-4aad-9b54-9381aef68a03.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash689a11f90be49f6c4c391dcdc0bf0555 71397c72459f802fa650ff8e2cc20e2f277759ec d175de174c666a194a8678b30e552128599a03cf4061967f20983ba3b6abb047
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6f1ddfc-3a0b-4aad-9b54-9381aef68a03.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8783
x-amzn-requestid: cd01305e-9e61-49b9-abd2-2a65ff3e6d0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AoE-KEoFIAMFRtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f31b8d-790166a67c5af1c7473594db;Sampled=0
x-amzn-remapped-date: Mon, 20 Feb 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3VLmyAznDR8dU7w3NxvM-ZrRQASAx3CRoD4DyI1Nr4lzDnTz4hbO2A==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 13:15:08 GMT
age: 13053
etag: "71397c72459f802fa650ff8e2cc20e2f277759ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5651651c-e7cc-4a7b-ae8a-9fb1e88379d3.jpeg | 34.120.237.76 | 200 OK | 2.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5651651c-e7cc-4a7b-ae8a-9fb1e88379d3.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash94622f58aa91b60efcab072bbfc1b8fc 481c511819075f80bacc5cca0b50c3650b5789d1 767c220ed09fbb28216023785c3609993185463dea0fcdc6cb355d6d00acd6b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5651651c-e7cc-4a7b-ae8a-9fb1e88379d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2433
x-amzn-requestid: 3a5f1c1f-1ca5-4eee-8c06-81c39cdc50e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ax_GNGxSoAMFgcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f71227-6dc64ff14371aff74d9b72cd;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 07:13:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ikpKkIjUabBjpu1oZEt24cEdeswhB2SiiXgcdH0yheDU18MR5biEcw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 07:18:14 GMT
age: 34467
etag: "481c511819075f80bacc5cca0b50c3650b5789d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363345a7-425e-4498-8aa7-e16250bedd66.jpeg | 34.120.237.76 | 200 OK | 5.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363345a7-425e-4498-8aa7-e16250bedd66.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf5c457f02a50b085b748b7e806f166f7 a7b75438ba91b71e023e2e6e355563ac2635bf25 7607c112a56f9893b0c491cad54d7d83be0fa414e69dd44c251e074e15877f6a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363345a7-425e-4498-8aa7-e16250bedd66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5269
x-amzn-requestid: e6460273-d038-41fa-9915-5f5762feecab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A3QiUFqhIAMF5sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f92e0e-6c3baead0e2b8845557bf7e9;Sampled=0
x-amzn-remapped-date: Fri, 24 Feb 2023 21:37:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 07pNAHZlG7fP3dgG0eb-onMglfj9-wP2RAFShvr3b-MkOECPQZaSdA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Feb 2023 21:45:57 GMT
age: 68804
etag: "a7b75438ba91b71e023e2e6e355563ac2635bf25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg | 34.120.237.76 | 200 OK | 9.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2a5f3d376fe6a3a78a5d1fe136f962fb 3e9b03cc296e954d63526a4e7e75beea3130fc3b c8cf4f1c0352102764247e4dc5a2076921e0eaa18bfd110e5b0b97a55c706690
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 3fd9f8c8-cf10-4222-a2cc-5f18ff7b2e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9D3HqmoAMFeBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb2-352315613cc0c2bc7eb28e05;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bGDTF9U77Y1pmqtYk-yDa2GsiRraTcwCOBV-yAzDPT2PvS89NeCtZg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Feb 2023 21:34:58 GMT
age: 69463
etag: "3e9b03cc296e954d63526a4e7e75beea3130fc3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| jes.office365-sharefile-accor.in/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.office365-sharefile-accor.in%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.office365-sharefile-accor.in%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638129407639390213.MGE5YjE5MzgtNDgwYi00NDE4LWJkZjUtZjc5ZmFiZjliZWJlMDA1ZmYxZWQtNWE1ZC00NTNhLTlhOWEtMTkzMGNhNWVkNGVk&ui_locales=en-US&mkt=en-US&state=71vJdyAAr7jeujdYwKfOdfXMosvFkOq082VHGmX_vZ6oGZHz5Q6gWB1m9rIX5TUDyjYlMOl3zIm7tP0mrKhMoz_UVck6nYRUBnrcrjdmaY8xx1BnGOVC_KYC2-Op35yBRB8UOJNwQAqBD5oAMh0CVRHYfD_bU9L5WxhKZ0DGu5pTxDC9QmW8BHvgVXmvRcU1d4dCxaELODMfaUz_ejZYNLT1n2shudCa61Rbc2Gq3ns0SVYKOtp5RiLuUSEGfGXochDOQJgJ5U-fvlfn4AWf9w&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0 | 79.133.110.222 | 200 OK | 0 B |
URL HTTP/2jes.office365-sharefile-accor.in/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.office365-sharefile-accor.in%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.office365-sharefile-accor.in%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638129407639390213.MGE5YjE5MzgtNDgwYi00NDE4LWJkZjUtZjc5ZmFiZjliZWJlMDA1ZmYxZWQtNWE1ZC00NTNhLTlhOWEtMTkzMGNhNWVkNGVk&ui_locales=en-US&mkt=en-US&state=71vJdyAAr7jeujdYwKfOdfXMosvFkOq082VHGmX_vZ6oGZHz5Q6gWB1m9rIX5TUDyjYlMOl3zIm7tP0mrKhMoz_UVck6nYRUBnrcrjdmaY8xx1BnGOVC_KYC2-Op35yBRB8UOJNwQAqBD5oAMh0CVRHYfD_bU9L5WxhKZ0DGu5pTxDC9QmW8BHvgVXmvRcU1d4dCxaELODMfaUz_ejZYNLT1n2shudCa61Rbc2Gq3ns0SVYKOtp5RiLuUSEGfGXochDOQJgJ5U-fvlfn4AWf9w&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0 IP79.133.110.222:0 ASN#202422 G-Core Labs S.A.
Analyzer | Verdict | Alert | openphish | Outlook | |
GET /common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.office365-sharefile-accor.in%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.office365-sharefile-accor.in%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638129407639390213.MGE5YjE5MzgtNDgwYi00NDE4LWJkZjUtZjc5ZmFiZjliZWJlMDA1ZmYxZWQtNWE1ZC00NTNhLTlhOWEtMTkzMGNhNWVkNGVk&ui_locales=en-US&mkt=en-US&state=71vJdyAAr7jeujdYwKfOdfXMosvFkOq082VHGmX_vZ6oGZHz5Q6gWB1m9rIX5TUDyjYlMOl3zIm7tP0mrKhMoz_UVck6nYRUBnrcrjdmaY8xx1BnGOVC_KYC2-Op35yBRB8UOJNwQAqBD5oAMh0CVRHYfD_bU9L5WxhKZ0DGu5pTxDC9QmW8BHvgVXmvRcU1d4dCxaELODMfaUz_ejZYNLT1n2shudCa61Rbc2Gq3ns0SVYKOtp5RiLuUSEGfGXochDOQJgJ5U-fvlfn4AWf9w&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0 HTTP/1.1
Host: jes.office365-sharefile-accor.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: BIy8cM=ZjE1MWQwMDQtZjk1My00NzZkLWExZTEtZmNiMGNlOGNmNmQ0OjgwYTdjMzM4LWQyMjYtNGZjMi1hNWVmLWYzM2MwNGRmN2Y1MQ==; MUID=37BC481CADFC65461B615ADFAC9E64AB
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 16:52:46 GMT
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache
pragma: no-cache
vary: Accept-Encoding, Accept-Encoding
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: c4b07a08-cc05-476b-bff3-63102d8b3100
x-ms-ests-server: 2.1.14649.20 - WEULR1 ProdSlices
x-ms-clitelem: 1,0,0,,
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
access-control-allow-headers: *
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| jes.office365-sharefile-accor.in/ | 79.133.110.222 | 200 OK | 0 B |
URL HTTP/2jes.office365-sharefile-accor.in/ IP79.133.110.222:0 ASN#202422 G-Core Labs S.A.
Analyzer | Verdict | Alert | openphish | Outlook | | fortinet | Phishing | |
GET / HTTP/1.1
Host: jes.office365-sharefile-accor.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 16:52:40 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| jes.office365-sharefile-accor.in/ | 79.133.110.222 | 200 OK | 0 B |
URL HTTP/2jes.office365-sharefile-accor.in/ IP79.133.110.222:0 ASN#202422 G-Core Labs S.A.
Analyzer | Verdict | Alert | openphish | Outlook | | fortinet | Phishing | |
POST / HTTP/1.1
Host: jes.office365-sharefile-accor.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://jes.office365-sharefile-accor.in
Content-Length: 808
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 16:52:40 GMT
content-type: application/json
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| jes.office365-sharefile-accor.in/ | 79.133.110.222 | 302 Found | 0 B |
URL HTTP/2jes.office365-sharefile-accor.in/ IP79.133.110.222:0 ASN#202422 G-Core Labs S.A.
Analyzer | Verdict | Alert | openphish | Outlook | | fortinet | Phishing | |
GET / HTTP/1.1
Host: jes.office365-sharefile-accor.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: BIy8cM=ZjE1MWQwMDQtZjk1My00NzZkLWExZTEtZmNiMGNlOGNmNmQ0OjgwYTdjMzM4LWQyMjYtNGZjMi1hNWVmLWYzM2MwNGRmN2Y1MQ==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 25 Feb 2023 16:52:42 GMT
content-type: text/html; charset=utf-8
location: https://wwwofc.office365-sharefile-accor.in/login#
cache-control: no-store, no-cache
pragma: no-cache
vary: Accept-Encoding
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: d29d1161-d505-410a-a2eb-c02f98a36800
x-ms-ests-server: 2.1.14649.20 - WEULR1 ProdSlices
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| wwwofc.office365-sharefile-accor.in/login | 79.133.110.222 | 302 Found | 0 B |
URL HTTP/2wwwofc.office365-sharefile-accor.in/login IP79.133.110.222:0 ASN#202422 G-Core Labs S.A.
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /login HTTP/1.1
Host: wwwofc.office365-sharefile-accor.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: BIy8cM=ZjE1MWQwMDQtZjk1My00NzZkLWExZTEtZmNiMGNlOGNmNmQ0OjgwYTdjMzM4LWQyMjYtNGZjMi1hNWVmLWYzM2MwNGRmN2Y1MQ==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 25 Feb 2023 16:52:44 GMT
content-type: text/html; charset=utf-8
location: https://jes.office365-sharefile-accor.in/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.office365-sharefile-accor.in%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.office365-sharefile-accor.in%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638129407639390213.MGE5YjE5MzgtNDgwYi00NDE4LWJkZjUtZjc5ZmFiZjliZWJlMDA1ZmYxZWQtNWE1ZC00NTNhLTlhOWEtMTkzMGNhNWVkNGVk&ui_locales=en-US&mkt=en-US&state=71vJdyAAr7jeujdYwKfOdfXMosvFkOq082VHGmX_vZ6oGZHz5Q6gWB1m9rIX5TUDyjYlMOl3zIm7tP0mrKhMoz_UVck6nYRUBnrcrjdmaY8xx1BnGOVC_KYC2-Op35yBRB8UOJNwQAqBD5oAMh0CVRHYfD_bU9L5WxhKZ0DGu5pTxDC9QmW8BHvgVXmvRcU1d4dCxaELODMfaUz_ejZYNLT1n2shudCa61Rbc2Gq3ns0SVYKOtp5RiLuUSEGfGXochDOQJgJ5U-fvlfn4AWf9w&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.16.0.0
vary: Accept-Encoding
request-context: appId=
referrer-policy: strict-origin-when-cross-origin
x-ua-compatible: IE=edge,chrome=1
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: ACDB0D18A2304181947718D8B3AF4421 Ref B: EWR311000106045 Ref C: 2023-02-25T16:52:43Z
access-control-allow-origin: *
access-control-allow-headers: *
set-cookie: OH.DCAffinity=OH-eus; expires=Tue, 21 Apr 2076 17:45:27 GMT; Path=/; Secure
OH.FLID=25b4079d-fc72-4729-945c-488a585032ef; expires=Wed, 21 Apr 2077 09:45:27 GMT; Path=/; Secure
.AspNetCore.OpenIdConnect.Nonce.45cRShGZWGkumpzhEcS5bvQ5rIbv5MC8Q37m47Xt1JemAF85-dSXgqTu3OLx9Sssc5A5GDzeN01LD01nz-7etarFad_C6IMnI9XNS8uiJ8t0xIWo1qawTxFmin7vKUubPyLBCR0Lr6N3qNqq-CS5Z4G9hPhQThElqIeOxApNf2ARhxa_B7Es_55C5idpZEfKWES_cLxwKNEw0E8cM-HecH6dANzXH1t7kadorWhw_ONCcjzIQaDteKKDfDu8Ae9Q=N; expires=Tue, 21 Apr 2076 10:00:27 GMT; Path=/; Secure
.AspNetCore.Correlation.JKuEchLgthKgfBRM2T5ylon72dfHwOGhAzkTUJWSaXI=N; expires=Tue, 21 Apr 2076 10:00:27 GMT; Path=/; Secure
MUID=37BC481CADFC65461B615ADFAC9E64AB; Domain=office365-sharefile-accor.in; expires=Sun, 16 May 2077 09:45:27 GMT; Path=/; Secure
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|