r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5394
Expires: Fri, 27 Jan 2023 21:10:50 GMT
Date: Fri, 27 Jan 2023 19:40:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19924
Expires: Sat, 28 Jan 2023 01:13:00 GMT
Date: Fri, 27 Jan 2023 19:40:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13013
Expires: Fri, 27 Jan 2023 23:17:49 GMT
Date: Fri, 27 Jan 2023 19:40:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 18:42:59 GMT
content-type: application/json
age: 3477
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: p7AkG56rHJCZXgLAf+/RkjrmX+bQauV1oTD5mpjGTV8Ma/djSJiGIIkbR5L6nF/m9KEAGCSuuiA=
x-amz-request-id: T7NK15KG78PKQGA6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 18:49:31 GMT
age: 3085
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 19:40:56 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
redstrongfoundation.org/nW1d0h3vF4z
301 Moved Permanently 0 B URL HTTP/1.1 redstrongfoundation.org/nW1d0h3vF4z
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /nW1d0h3vF4z HTTP/1.1
Host: redstrongfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 27 Jan 2023 19:40:56 GMT
Server: nginx/1.23.2
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://redstrongfoundation.org/nW1d0h3vF4z
X-Server-Cache: true
X-Proxy-Cache: MISS
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 18:49:03 GMT
age: 3114
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 850ae4f1e027f3e50261eab625736d6e
2560152fc21661f16a429d16794b7417bd21c915
06207ae68494b4af750b4c33fbb0b637f8e958e4aa6384c7a171ca3a1ac1d04e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06207AE68494B4AF750B4C33FBB0B637F8E958E4AA6384C7A171CA3A1AC1D04E"
Last-Modified: Fri, 27 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Sat, 28 Jan 2023 01:40:07 GMT
Date: Fri, 27 Jan 2023 19:40:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6404
Expires: Fri, 27 Jan 2023 21:27:41 GMT
Date: Fri, 27 Jan 2023 19:40:57 GMT
Connection: keep-alive
redstrongfoundation.org/nW1d0h3vF4z
404 Not Found 264 B URL HTTP/2 redstrongfoundation.org/nW1d0h3vF4z
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 18301fb73d14c559d73efeddaf3286f8
7770aebd1546c9efb4b769874d38698f859196cf
1e63febc9be60c83266fc1e33d6cb408dd7a4a67ab43b893ff1a52a294efdc0f
Analyzer Verdict Alert fortinet Phishing
GET /nW1d0h3vF4z HTTP/1.1
Host: redstrongfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Fri, 27 Jan 2023 19:40:57 GMT
server: nginx/1.23.2
content-type: text/html; charset=UTF-8
content-length: 264
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://redstrongfoundation.org/wp-json/>; rel="https://api.w.org/"
x-tec-api-version: v1
x-tec-api-root: https://redstrongfoundation.org/wp-json/tribe/events/v1/
x-tec-api-origin: https://redstrongfoundation.org
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iLqBdo4lyT2mW3Z9ZmESMg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XJZYu07hTCrElB4tf1kAb5zMUWg=
redstrongfoundation.org/wp-xml.php?url=https://redstrongfoundation.org/nW1d0h3vF4z
302 Found 0 B URL HTTP/2 redstrongfoundation.org/wp-xml.php?url=https://redstrongfoundation.org/nW1d0h3vF4z
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-xml.php?url=https://redstrongfoundation.org/nW1d0h3vF4z HTTP/1.1
Host: redstrongfoundation.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://redstrongfoundation.org/nW1d0h3vF4z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Fri, 27 Jan 2023 19:40:58 GMT
server: nginx/1.23.2
content-type: text/html; charset=UTF-8
content-length: 0
location: https://lmo.jpnlwst.com/?username=mdove#/common/oauth2/authorize?client_id=0.53787803116156-0ff1-0.86586219298926&auth=1-0.20695512332346
x-server-cache: true
x-proxy-cache: MISS
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d72ca0416cf92f2ba06e8925be6466ab
328337b55521e15bfe3f0e1b06d67e0463a9f6c0
1efd901bb109a201c7797c077d23e24ee57c7181f3b4bc3f3e717d684840fa92
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1EFD901BB109A201C7797C077D23E24EE57C7181F3B4BC3F3E717D684840FA92"
Last-Modified: Wed, 25 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 28 Jan 2023 01:40:58 GMT
Date: Fri, 27 Jan 2023 19:40:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14655
Expires: Fri, 27 Jan 2023 23:45:14 GMT
Date: Fri, 27 Jan 2023 19:40:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14655
Expires: Fri, 27 Jan 2023 23:45:14 GMT
Date: Fri, 27 Jan 2023 19:40:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14655
Expires: Fri, 27 Jan 2023 23:45:14 GMT
Date: Fri, 27 Jan 2023 19:40:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e7158416f60576804ccff03307319fe
a342f94625e913fa6b8d862a59979f1e3ad80dd1
5c525df7d169cc7e033d920c11f4a0163a781c025a22b70530882b56964a9a52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5737
x-amzn-requestid: 23239d1f-0228-4722-b826-40dc8c9a4af2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVzDbEacIAMFZtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d23215-1604c24e272fbb657b9925cc;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:56:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lkM4qVkPHqOdWwmxP2ShOgbbR6fjFtWmdavpgPyn7SQDkuggfHad7g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 12:26:22 GMT
age: 26077
etag: "a342f94625e913fa6b8d862a59979f1e3ad80dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 23:01:22 GMT
age: 74377
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 869cdfba2637cc932ce387317a3c485e
51d87a5223d87c959bf27b2a825dce0a28f52ada
6dc4247dd3110836195f9962463bd8265be89633e9e589bf19955991751c26fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5669
x-amzn-requestid: 17f6235c-d495-4813-9453-407331e0dcad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1ZSH4fIAMFxeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c3b-67ff5c7f416727670e7c3b21;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uBZkutqH9dy9U8-_i3LISu9nYOtCTP8YtgxvgZVywkDx7bRzLjqUhw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 04:27:02 GMT
age: 54837
etag: "51d87a5223d87c959bf27b2a825dce0a28f52ada"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MeE0Qrn_yZvUApGQTbOKQ14Z2ipPLbPFPyVqkKTk0Bs7ETn0UU6yMg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:48:43 GMT
age: 78736
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc869235086902c4acc379733b6bfdb8
0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae
e614e29b14e69209fd4b82a688290f7a3f541909833a6558cf480aca899bab6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9056
x-amzn-requestid: 81cf473d-8dc6-49e7-b012-d0b7dfaec7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fB4COHTlIAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca3a0e-0848461c054db5c66fde9107;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 06:51:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fdefZSZfSJi1-C7ZTSahawckLN-To4P91H-n1cyPqw34f18VzTeHRg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 12:53:58 GMT
age: 24421
etag: "0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f62e9b7bdca82d18c945851912d8fea8
a7ca44d337c43bc5c6145b26778661c71cc50484
5da02cc405c1cada55813ffe376844375f1d6ad222cbb63405348b1f5132a0b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: c257bfbe-1bd7-4540-bbfa-e4c49a2624a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwfGigoAMFvBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a002-226c08656eeefbfa3c2dddb6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k9njnQmggD7UkVJzZqSzo90HJJjTjGK0QIoPU0HWYKrSstjM6s1rOw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:57:18 GMT
age: 78221
etag: "a7ca44d337c43bc5c6145b26778661c71cc50484"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a10e2eaf8bb1fe15ecaede758a645dfd
de645ccd2d6f4f1cebb6cfb14b8a273e3b1f934d
09e008202b104ab8a86ffcd3580575c0a516f21c0ddfeeae718f2c7cdf5f85f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5746
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:40:59 GMT
Last-Modified: Fri, 27 Jan 2023 18:05:13 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 1ca2e9accffaa9d634e53948ea545834
d080911b5ff60e43e1695fa9609ea5115fb4be46
4ee6938a078eea18dbc65ec93773365e7ef8cf2fc34c81053a8e1dced6db1fa0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1063
Cache-Control: max-age=90454
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:40:59 GMT
Etag: "63d2e2fa-1d7"
Expires: Sat, 28 Jan 2023 20:48:33 GMT
Last-Modified: Thu, 26 Jan 2023 20:30:50 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 471
lmo.jpnlwst.com/?username=mdove
302 Found 256 B URL HTTP/2 lmo.jpnlwst.com/?username=mdove
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bda61f76baff1a7bb91fb2d813fdcae4
ea000cae2ff0a1035d61cbb041b236213b69fffa
1c94257c01dff1980e10660d010638221e9886a6de4360c6758d020bea4ebb16
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /?username=mdove HTTP/1.1
Host: lmo.jpnlwst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redstrongfoundation.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 27 Jan 2023 19:40:59 GMT
content-type: text/html; charset=utf-8
location: https://www.docusign.net/Signing/Error.aspx?e=ef8758e9-7611-4d41-a4b3-f75dbce853fe&scope=157ad94e-6b42-44c5-86da-aab6ee1dda6f
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.docusign.net/Signing/Error.aspx?e=ef8758e9-7611-4d41-a4b3-f75dbce853fe&scope=157ad94e-6b42-44c5-86da-aab6ee1dda6f&AspxAutoDetectCookieSupport=1
200 OK 14 kB URL HTTP/1.1 www.docusign.net/Signing/Error.aspx?e=ef8758e9-7611-4d41-a4b3-f75dbce853fe&scope=157ad94e-6b42-44c5-86da-aab6ee1dda6f&AspxAutoDetectCookieSupport=1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11941), with CRLF line terminators
Hash b94155e15cca74a7978551968a690516
e9f5b2e3885b957b3b61ca864e56c646e3fbc6cc
151fc655514d93af4fb574dcd0420f5185e3f584b1ded4bbafdc97f5d4748c50
GET /Signing/Error.aspx?e=ef8758e9-7611-4d41-a4b3-f75dbce853fe&scope=157ad94e-6b42-44c5-86da-aab6ee1dda6f&AspxAutoDetectCookieSupport=1 HTTP/1.1
Host: www.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://redstrongfoundation.org/
Connection: keep-alive
Cookie: pv=SE5FE76_8811; AspxAutoDetectCookieSupport=1; BIGipDocuSign_NA1_Signing=!UiDh1IPjPYRB80e0bOlB09wl7VsgfyfvL4jOW4bDi/xyujbHGwkWv01g6GSu+jYws7BTFGne41IIKGo=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Encoding: br
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Set-Cookie: pv=SE5FE76_8811; path=/; secure; HttpOnly; SameSite=None
ssid=iz4ozfseflfq4lwzwxbopkbi; path=/; secure; HttpOnly; SameSite=None
MemberConsoleMobile=; path=/; secure; SameSite=None
X-DocuSign-Node: SE5FE76
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Fri, 27 Jan 2023 19:40:59 GMT
Content-Length: 14322
www.docusign.net/Signing/StyleSheets/Framework.css
200 OK 1.3 kB URL HTTP/1.1 www.docusign.net/Signing/StyleSheets/Framework.css
IP
File type ASCII text, with CRLF line terminators
Hash 9fb2737879c24fead094c01cbfb5fe11
3601d3f9517991356297ed79991bcf705622c9b3
dbc4302ca632913adb3871dec3f3e9e6f8aa01cc7ab4eb087be09e7248cab3cb
GET /Signing/StyleSheets/Framework.css HTTP/1.1
Host: www.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.docusign.net/Signing/Error.aspx?e=ef8758e9-7611-4d41-a4b3-f75dbce853fe&scope=157ad94e-6b42-44c5-86da-aab6ee1dda6f&AspxAutoDetectCookieSupport=1
Connection: keep-alive
Cookie: pv=SE5FE76_8811; AspxAutoDetectCookieSupport=1; BIGipDocuSign_NA1_Signing=!UiDh1IPjPYRB80e0bOlB09wl7VsgfyfvL4jOW4bDi/xyujbHGwkWv01g6GSu+jYws7BTFGne41IIKGo=; ssid=iz4ozfseflfq4lwzwxbopkbi; MemberConsoleMobile=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: text/css
Content-Encoding: gzip
ETag: "065eded2622d91:0"
X-DocuSign-Node: SE5FE76
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Fri, 27 Jan 2023 19:40:59 GMT
Content-Length: 1339
www.docusign.net/Signing/client_scripts/jQuery/jquery-1.12.3.min.js
200 OK 34 kB URL HTTP/1.1 www.docusign.net/Signing/client_scripts/jQuery/jquery-1.12.3.min.js
IP
File type ASCII text, with very long lines (32029), with CRLF line terminators
Hash eda5042559f1683ec7c7e896a582a89c
808d6caa3e9629b6ce48463cb1c274f0e16dd86c
7eba55dd82536a221bc423dba881df158e73e8e26d7da9117ce0186b07814cbc
GET /Signing/client_scripts/jQuery/jquery-1.12.3.min.js HTTP/1.1
Host: www.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.docusign.net/Signing/Error.aspx?e=ef8758e9-7611-4d41-a4b3-f75dbce853fe&scope=157ad94e-6b42-44c5-86da-aab6ee1dda6f&AspxAutoDetectCookieSupport=1
Connection: keep-alive
Cookie: pv=SE5FE76_8811; AspxAutoDetectCookieSupport=1; BIGipDocuSign_NA1_Signing=!UiDh1IPjPYRB80e0bOlB09wl7VsgfyfvL4jOW4bDi/xyujbHGwkWv01g6GSu+jYws7BTFGne41IIKGo=; ssid=iz4ozfseflfq4lwzwxbopkbi; MemberConsoleMobile=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: application/javascript
Content-Encoding: gzip
ETag: "804ebe542622d91:0"
X-DocuSign-Node: SE5FE76
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Fri, 27 Jan 2023 19:40:59 GMT
Content-Length: 33900
www.docusign.net/Signing/SigningApp/latest/css/font-faces.css?cs=35a886aa8
200 OK 1.6 kB URL HTTP/1.1 www.docusign.net/Signing/SigningApp/latest/css/font-faces.css?cs=35a886aa8
IP
Hash 94efe1df326362ef2423f447b0e07a42
c20c4a130a6c2bdf8d513fd82fddf7ebe7050519
ff2a6fd9f9b72c4d8292fd00f48d8be351ffa3f81c0a25d0a4ed5d5296092765
GET /Signing/SigningApp/latest/css/font-faces.css?cs=35a886aa8 HTTP/1.1
Host: www.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.docusign.net/Signing/Error.aspx?e=ef8758e9-7611-4d41-a4b3-f75dbce853fe&scope=157ad94e-6b42-44c5-86da-aab6ee1dda6f&AspxAutoDetectCookieSupport=1
Connection: keep-alive
Cookie: pv=SE5FE76_8811; AspxAutoDetectCookieSupport=1; BIGipDocuSign_NA1_Signing=!UiDh1IPjPYRB80e0bOlB09wl7VsgfyfvL4jOW4bDi/xyujbHGwkWv01g6GSu+jYws7BTFGne41IIKGo=; ssid=iz4ozfseflfq4lwzwxbopkbi; MemberConsoleMobile=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: text/css
ETag: "50801faa381bd91:0"
X-DocuSign-Node: SE5FE76
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Fri, 27 Jan 2023 19:40:59 GMT
Content-Length: 1560
www.docusign.net/Signing/StyleSheetsDev/ErrorExpired.css
200 OK 2.0 kB URL HTTP/1.1 www.docusign.net/Signing/StyleSheetsDev/ErrorExpired.css
IP
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 3165af715e6ba5ca2b00f9ab5277cc8c
99697540aac85b979624e1a09483418a4c30bd11
08034c30a67418dd7bff599a0ea4ecb87315d485adb3bd1774afc36b33705317
GET /Signing/StyleSheetsDev/ErrorExpired.css HTTP/1.1
Host: www.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.docusign.net/Signing/Error.aspx?e=ef8758e9-7611-4d41-a4b3-f75dbce853fe&scope=157ad94e-6b42-44c5-86da-aab6ee1dda6f&AspxAutoDetectCookieSupport=1
Connection: keep-alive
Cookie: pv=SE5FE76_8811; AspxAutoDetectCookieSupport=1; BIGipDocuSign_NA1_Signing=!UiDh1IPjPYRB80e0bOlB09wl7VsgfyfvL4jOW4bDi/xyujbHGwkWv01g6GSu+jYws7BTFGne41IIKGo=; ssid=iz4ozfseflfq4lwzwxbopkbi; MemberConsoleMobile=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: text/css
ETag: "1a2c28542622d91:0"
X-DocuSign-Node: SE5FE76
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Fri, 27 Jan 2023 19:41:00 GMT
Content-Length: 2048
www.docusign.net/Signing/Images/controls/btn_arrow_u.png
200 OK 3.0 kB URL HTTP/1.1 www.docusign.net/Signing/Images/controls/btn_arrow_u.png
IP
File type PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash c863db426897325cb4805b2c20f51f30
a426fe43f0ce1a489ce091cc27768cdcc2991210
2a5179b8851c8e3dfc77d7dcb33b3963afa037608336d6ae412acaa38ad59d22
GET /Signing/Images/controls/btn_arrow_u.png HTTP/1.1
Host: www.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.docusign.net/Signing/Error.aspx?e=ef8758e9-7611-4d41-a4b3-f75dbce853fe&scope=157ad94e-6b42-44c5-86da-aab6ee1dda6f&AspxAutoDetectCookieSupport=1
Connection: keep-alive
Cookie: pv=SE5FE76_8811; AspxAutoDetectCookieSupport=1; BIGipDocuSign_NA1_Signing=!UiDh1IPjPYRB80e0bOlB09wl7VsgfyfvL4jOW4bDi/xyujbHGwkWv01g6GSu+jYws7BTFGne41IIKGo=; ssid=iz4ozfseflfq4lwzwxbopkbi; MemberConsoleMobile=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: image/png
ETag: "5ccd532622d91:0"
X-DocuSign-Node: SE5FE76
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Fri, 27 Jan 2023 19:41:00 GMT
Content-Length: 2961
www.docusign.net/Signing/Images/logo_docusign_new_white.png
200 OK 4.0 kB URL HTTP/1.1 www.docusign.net/Signing/Images/logo_docusign_new_white.png
IP
File type PNG image data, 231 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash 2b83c7b55dd89651ccbf62a5153d1984
e6664bc6d6ac06aac70abbe21cbd83adb776441a
edd5eb91a05ef65653a6e9c4ddb60482ee93ad2994c1925cd2b7a310e7bdcc73
GET /Signing/Images/logo_docusign_new_white.png HTTP/1.1
Host: www.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.docusign.net/Signing/Error.aspx?e=ef8758e9-7611-4d41-a4b3-f75dbce853fe&scope=157ad94e-6b42-44c5-86da-aab6ee1dda6f&AspxAutoDetectCookieSupport=1
Connection: keep-alive
Cookie: pv=SE5FE76_8811; AspxAutoDetectCookieSupport=1; BIGipDocuSign_NA1_Signing=!UiDh1IPjPYRB80e0bOlB09wl7VsgfyfvL4jOW4bDi/xyujbHGwkWv01g6GSu+jYws7BTFGne41IIKGo=; ssid=iz4ozfseflfq4lwzwxbopkbi; MemberConsoleMobile=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: image/png
ETag: "4686ec532622d91:0"
X-DocuSign-Node: SE5FE76
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Fri, 27 Jan 2023 19:41:00 GMT
Content-Length: 4010
www.docusign.net/Signing/Image.aspx?i=logo&l=8d686f4f-d339-43ac-83ae-36b2103ccc83
200 OK 18 kB URL HTTP/1.1 www.docusign.net/Signing/Image.aspx?i=logo&l=8d686f4f-d339-43ac-83ae-36b2103ccc83
IP
File type PNG image data, 150 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash e318344f3fa335ac223217d4d5093580
f3391c2454b2d4279138a10bf3abfe69e63940f9
c5aff96c04ffcea6ac274f089d95b5b24f5dcf475fc5f05fd07864e845ef0c02
GET /Signing/Image.aspx?i=logo&l=8d686f4f-d339-43ac-83ae-36b2103ccc83 HTTP/1.1
Host: www.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.docusign.net/Signing/Error.aspx?e=ef8758e9-7611-4d41-a4b3-f75dbce853fe&scope=157ad94e-6b42-44c5-86da-aab6ee1dda6f&AspxAutoDetectCookieSupport=1
Connection: keep-alive
Cookie: pv=SE5FE76_8811; AspxAutoDetectCookieSupport=1; BIGipDocuSign_NA1_Signing=!UiDh1IPjPYRB80e0bOlB09wl7VsgfyfvL4jOW4bDi/xyujbHGwkWv01g6GSu+jYws7BTFGne41IIKGo=; ssid=iz4ozfseflfq4lwzwxbopkbi; MemberConsoleMobile=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: image/png
ETag: c8c13368-b71b-4ef0-8856-39b94a578f1e
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: pv=SE5FE76_8811; path=/; secure; HttpOnly; SameSite=None
X-DocuSign-Node: SE5FE76
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Fri, 27 Jan 2023 19:41:00 GMT
Content-Length: 17550
www.docusign.net/Signing/SigningApp/latest/fonts/helvetica-neue/HelveticaNeue.woff
200 OK 48 kB URL HTTP/1.1 www.docusign.net/Signing/SigningApp/latest/fonts/helvetica-neue/HelveticaNeue.woff
IP
File type Web Open Font Format, TrueType, length 47748, version 1.0\012- data
Hash 4a573fac9111d6adcb3994983539bd75
69bebefe9edeac85cc27516dbe0ea176c1c2c25c
dac5803d6cbe40244dfd39661406239f83e94e86c976e7229a4e35305a9b5efe
GET /Signing/SigningApp/latest/fonts/helvetica-neue/HelveticaNeue.woff HTTP/1.1
Host: www.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.docusign.net/Signing/SigningApp/latest/css/font-faces.css?cs=35a886aa8
Cookie: pv=SE5FE76_8811; AspxAutoDetectCookieSupport=1; BIGipDocuSign_NA1_Signing=!UiDh1IPjPYRB80e0bOlB09wl7VsgfyfvL4jOW4bDi/xyujbHGwkWv01g6GSu+jYws7BTFGne41IIKGo=; ssid=iz4ozfseflfq4lwzwxbopkbi; MemberConsoleMobile=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: application/font-woff
ETag: "50801faa381bd91:0"
X-DocuSign-Node: SE5FE76
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Fri, 27 Jan 2023 19:41:00 GMT
Content-Length: 47748
docucdn-a.akamaihd.net/v/static/mixpanel-2-2-1b.js
200 OK 26 kB URL HTTP/2 docucdn-a.akamaihd.net/v/static/mixpanel-2-2-1b.js
IP
ASN #20940 Akamai International B.V.
Hash 72b894ccd2a1349824be26c74169bc02
7033e6f80eb591c2d556b411d3e5b87361cdc1c3
ec10d562179623af25d5dc3e465f84968c76525ec8b9111c29b2f18ea1888c6b
GET /v/static/mixpanel-2-2-1b.js HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.docusign.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "ece7a224f69ab2205d90900589ae1d05:1527120741"
last-modified: Thu, 24 May 2018 00:08:49 GMT
server: AkamaiNetStorage
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Sat, 27 Jan 2024 19:41:01 GMT
date: Fri, 27 Jan 2023 19:41:01 GMT
content-length: 26533
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash cc0780b79bfeba575916534b562cf5af
20ecb846761c0aecba8066d24fe97f255da4e8cf
c528c3f35f988b131cf713b0507967e5cb834b45b4336f6983d75830196224db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4804
Cache-Control: max-age=141344
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:41:01 GMT
Etag: "63d39b29-1d7"
Expires: Sun, 29 Jan 2023 10:56:45 GMT
Last-Modified: Fri, 27 Jan 2023 09:36:41 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkZpcmVmb3giLCIkcmVmZXJyaW5nX2RvbWFpbiI6ICJyZWRzdHJvbmdmb3VuZGF0aW9uLm9yZyIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICJEMkIwMDREQTE5NjYyODU2RkRBNDk1MDNGMEM3QjZFNkE0QjIyMEUyIiwiJGluaXRpYWxfcmVmZXJyaW5nX2RvbWFpbiI6ICJyZWRzdHJvbmdmb3VuZGF0aW9uLm9yZyIsIm1wX3BhZ2UiOiAid3d3LmRvY3VzaWduLm5ldCIsIm1wX3JlZmVycmVyIjogInJlZHN0cm9uZ2ZvdW5kYXRpb24ub3JnIiwibXBfYnJvd3NlciI6ICJGaXJlZm94IiwibXBfcGxhdGZvcm0iOiAiV2luZG93cyIsInRva2VuIjogIjMwNGNjYmRlMjRkM2IxNWZmZTJkNWRlMzBjMTBkYWIyIn19&ip=1&_=1674848461110
200 OK 1 B URL HTTP/2 api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkZpcmVmb3giLCIkcmVmZXJyaW5nX2RvbWFpbiI6ICJyZWRzdHJvbmdmb3VuZGF0aW9uLm9yZyIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICJEMkIwMDREQTE5NjYyODU2RkRBNDk1MDNGMEM3QjZFNkE0QjIyMEUyIiwiJGluaXRpYWxfcmVmZXJyaW5nX2RvbWFpbiI6ICJyZWRzdHJvbmdmb3VuZGF0aW9uLm9yZyIsIm1wX3BhZ2UiOiAid3d3LmRvY3VzaWduLm5ldCIsIm1wX3JlZmVycmVyIjogInJlZHN0cm9uZ2ZvdW5kYXRpb24ub3JnIiwibXBfYnJvd3NlciI6ICJGaXJlZm94IiwibXBfcGxhdGZvcm0iOiAiV2luZG93cyIsInRva2VuIjogIjMwNGNjYmRlMjRkM2IxNWZmZTJkNWRlMzBjMTBkYWIyIn19&ip=1&_=1674848461110
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkZpcmVmb3giLCIkcmVmZXJyaW5nX2RvbWFpbiI6ICJyZWRzdHJvbmdmb3VuZGF0aW9uLm9yZyIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICJEMkIwMDREQTE5NjYyODU2RkRBNDk1MDNGMEM3QjZFNkE0QjIyMEUyIiwiJGluaXRpYWxfcmVmZXJyaW5nX2RvbWFpbiI6ICJyZWRzdHJvbmdmb3VuZGF0aW9uLm9yZyIsIm1wX3BhZ2UiOiAid3d3LmRvY3VzaWduLm5ldCIsIm1wX3JlZmVycmVyIjogInJlZHN0cm9uZ2ZvdW5kYXRpb24ub3JnIiwibXBfYnJvd3NlciI6ICJGaXJlZm94IiwibXBfcGxhdGZvcm0iOiAiV2luZG93cyIsInRva2VuIjogIjMwNGNjYmRlMjRkM2IxNWZmZTJkNWRlMzBjMTBkYWIyIn19&ip=1&_=1674848461110 HTTP/1.1
Host: api.mixpanel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.docusign.net/
Origin: https://www.docusign.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.docusign.net
access-control-expose-headers: X-MP-CE-Backoff
access-control-max-age: 1728000
cache-control: no-cache, no-store
content-type: application/json
strict-transport-security: max-age=604800; includeSubDomains
date: Fri, 27 Jan 2023 19:41:01 GMT
content-length: 1
x-envoy-upstream-service-time: 0
server: envoy
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
docucdn-a.akamaihd.net/olive/images/2.15.0/favicons/android-chrome-512x512.png
200 OK 2.2 kB URL HTTP/2 docucdn-a.akamaihd.net/olive/images/2.15.0/favicons/android-chrome-512x512.png
IP
ASN #20940 Akamai International B.V.
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 97f481a386a8bca43554a88332fb91e5
50d416da28fd5dd142d0775c3cf93e027b6a60d8
ef58bad5c4b087d131d5098e7022ef5eb480c01c4e76041e97db06c9f3c1bc4b
GET /olive/images/2.15.0/favicons/android-chrome-512x512.png HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.docusign.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: AkamaiGHost
mime-version: 1.0
unused62: 8096267
accept-ranges: bytes
content-type: image/png
etag: "19afd5a33a141c1a34505a1d90d24c72:1584027770.130477"
last-modified: Thu, 12 Mar 2020 15:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3628800
date: Fri, 27 Jan 2023 19:41:01 GMT
content-length: 2185
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
docucdn-a.akamaihd.net/olive/images/2.15.0/favicons/favicon-16x16.png
200 OK 592 B URL HTTP/2 docucdn-a.akamaihd.net/olive/images/2.15.0/favicons/favicon-16x16.png
IP
ASN #20940 Akamai International B.V.
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash ab07127e18c443a7dba6879192584ec2
ead4f2a2292931a4cc4968299925de1054d85788
bcdd55a8ef3fa1d6b37cd851da72d503315f087c965597d1ee51598a4ada6fa9
GET /olive/images/2.15.0/favicons/favicon-16x16.png HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.docusign.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: AkamaiGHost
mime-version: 1.0
unused62: 8096267
accept-ranges: bytes
content-type: image/png
etag: "ab07127e18c443a7dba6879192584ec2:1584027770.440594"
last-modified: Thu, 12 Mar 2020 15:40:31 GMT
content-length: 592
cache-control: max-age=3628800
date: Fri, 27 Jan 2023 19:41:01 GMT
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.docusign.net/Signing/SigningApp/latest/fonts/helvetica-neue/HelveticaNeue-Bold.woff
200 OK 38 kB URL HTTP/1.1 www.docusign.net/Signing/SigningApp/latest/fonts/helvetica-neue/HelveticaNeue-Bold.woff
IP
File type Web Open Font Format, TrueType, length 37560, version 1.0\012- data
Hash b9d0556a2c620a939d54c63be3df6c6c
97968884d4c5a93c46ab1334ce9e9156c694ea4d
90973db3f26fe86b648ec735f3183b44902e5cedf2b1a042402bac39da70404f
GET /Signing/SigningApp/latest/fonts/helvetica-neue/HelveticaNeue-Bold.woff HTTP/1.1
Host: www.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.docusign.net/Signing/SigningApp/latest/css/font-faces.css?cs=35a886aa8
Cookie: pv=SE5FE76_8811; AspxAutoDetectCookieSupport=1; BIGipDocuSign_NA1_Signing=!UiDh1IPjPYRB80e0bOlB09wl7VsgfyfvL4jOW4bDi/xyujbHGwkWv01g6GSu+jYws7BTFGne41IIKGo=; ssid=iz4ozfseflfq4lwzwxbopkbi; MemberConsoleMobile=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: application/font-woff
ETag: "50801faa381bd91:0"
X-DocuSign-Node: SE5FE76
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Fri, 27 Jan 2023 19:41:00 GMT
Content-Length: 37560
www.docusign.net/Signing/SigningApp/latest/fonts/maven-pro/MavenPro-Regular.woff
200 OK 35 kB URL HTTP/1.1 www.docusign.net/Signing/SigningApp/latest/fonts/maven-pro/MavenPro-Regular.woff
IP
File type Web Open Font Format, CFF, length 34820, version 0.0\012- data
Hash fd117c9eb999e35d64be1515d5b2192d
b0fae4091ac17a28c47af531a9d5b73b4c35f6bd
553582be8a5d2779d1a9e9c3a6698fd4d365e01353d8876a7204db68fcd1d12d
GET /Signing/SigningApp/latest/fonts/maven-pro/MavenPro-Regular.woff HTTP/1.1
Host: www.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.docusign.net/Signing/SigningApp/latest/css/font-faces.css?cs=35a886aa8
Cookie: pv=SE5FE76_8811; AspxAutoDetectCookieSupport=1; BIGipDocuSign_NA1_Signing=!UiDh1IPjPYRB80e0bOlB09wl7VsgfyfvL4jOW4bDi/xyujbHGwkWv01g6GSu+jYws7BTFGne41IIKGo=; ssid=iz4ozfseflfq4lwzwxbopkbi; MemberConsoleMobile=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: application/font-woff
ETag: "50801faa381bd91:0"
X-DocuSign-Node: SE5FE76
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Fri, 27 Jan 2023 19:41:00 GMT
Content-Length: 34820
192.185.96.196
103.90.163.65
23.36.76.249
93.184.220.29
0.0.0.0