oracleworkflow.firebaseapp.com/r9sarlosd072Tvonsa512TvunW1aF4znF4zrgyd07r9sonW1
199.36.158.100301 Moved Permanently 0 B URL HTTP/1.1 oracleworkflow.firebaseapp.com/r9sarlosd072Tvonsa512TvunW1aF4znF4zrgyd07r9sonW1
IP 199.36.158.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /r9sarlosd072Tvonsa512TvunW1aF4znF4zrgyd07r9sonW1 HTTP/1.1
Host: oracleworkflow.firebaseapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://oracleworkflow.firebaseapp.com/r9sarlosd072Tvonsa512TvunW1aF4znF4zrgyd07r9sonW1
Accept-Ranges: bytes
Date: Tue, 31 Jan 2023 02:29:33 GMT
X-Served-By: cache-bma1677-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1675132173.193377,VS0,VE0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8740
Expires: Tue, 31 Jan 2023 04:55:13 GMT
Date: Tue, 31 Jan 2023 02:29:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6614
Expires: Tue, 31 Jan 2023 04:19:47 GMT
Date: Tue, 31 Jan 2023 02:29:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 01:35:50 GMT
content-type: application/json
age: 3223
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4067
Expires: Tue, 31 Jan 2023 03:37:20 GMT
Date: Tue, 31 Jan 2023 02:29:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mWsknPJf+NqCTeuImbB+4+aPuWFFqPz9u61bcx7RmP8xXU5xB3KM1SQfOTnDe3fFDziNC+R9yYMenufFOk/6qw==
x-amz-request-id: NWCC9NHBRPA55VMK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 01:50:59 GMT
age: 2314
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:29:33 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
oracleworkflow.firebaseapp.com/r9sarlosd072Tvonsa512TvunW1aF4znF4zrgyd07r9sonW1
199.36.158.100404 Not Found 9.1 kB URL HTTP/2 oracleworkflow.firebaseapp.com/r9sarlosd072Tvonsa512TvunW1aF4znF4zrgyd07r9sonW1
IP 199.36.158.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1101)
Hash edbe01024ca9fcdead5871b88934de1e
d14dbc0dcafd0a84e8a751ef2930e93b902f699b
bb9b69d7b9d3eedc913208e24964ab8053856d9742fa0cc0b3e0e383c494953f
Analyzer Verdict Alert fortinet Phishing
GET /r9sarlosd072Tvonsa512TvunW1aF4znF4zrgyd07r9sonW1 HTTP/1.1
Host: oracleworkflow.firebaseapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: "bb9b69d7b9d3eedc913208e24964ab8053856d9742fa0cc0b3e0e383c494953f"
last-modified: Mon, 30 Jan 2023 23:26:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 31 Jan 2023 02:29:33 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675132173.429010,VS0,VE209
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9131
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4int/ULiEbIvUkmk
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4int/ULiEbIvUkmk
IP 142.250.74.131:0
Hash 74cac629a97935cdb3cd45cfba292834
c9d68a9b47c108d413c8ca9e49d6f69effaaa8e8
c5be101d093b4d2684a09d9499a5a14b91535103cb59f97806cb43364d40f7c2
POST /s/gts1d4int/ULiEbIvUkmk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:29:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js
152.199.23.37200 OK 5.4 kB URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js
IP 152.199.23.37:0
File type ASCII text, with very long lines (14442)
Hash fa5651ac32c6a7c1a9fe1511c36697c9
192e13ecd4892c62f4c01deb684759620812d152
dd4ea852b98a6e5085f81a4b34914684c0d700180c1bbeec08e37bc953ea22ed
GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oracleworkflow.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 20674878
cache-control: public, max-age=31536000
content-md5: +lZRrDLGp8Gp/hURw2aXyQ==
content-type: application/x-javascript
date: Tue, 31 Jan 2023 02:29:33 GMT
etag: 0x8D99FD65BAB30A3
last-modified: Thu, 04 Nov 2021 21:02:05 GMT
server: ECAcc (ska/F7BE)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: d636d6ac-c01e-000a-7c12-79f4c7000000
x-ms-version: 2009-09-19
content-length: 5386
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/js/oneDs_472fa3a12b65cf387ccd.js
152.199.23.37200 OK 26 kB URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/js/oneDs_472fa3a12b65cf387ccd.js
IP 152.199.23.37:0
File type ASCII text, with very long lines (49529)
Hash c4099527852bb570136a02c3d2d0d7a1
b07b674fb73ddddc9bff08b48b6b147505cb2965
a3c764080babe34837f4141640fa646aa98a6963a2dcf0abfb482b6007c9fa5b
GET /shared/1.0/content/js/oneDs_472fa3a12b65cf387ccd.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oracleworkflow.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 8501440
cache-control: public, max-age=31536000
content-md5: xAmVJ4UrtXATagLD0tDXoQ==
content-type: application/x-javascript
date: Tue, 31 Jan 2023 02:29:33 GMT
etag: 0x8D9942E72241B02
last-modified: Thu, 21 Oct 2021 01:02:25 GMT
server: ECAcc (ska/F6E6)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: f8241864-001e-000b-50c9-e70aca000000
x-ms-version: 2009-09-19
content-length: 26117
X-Firefox-Spdy: h2
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
152.199.23.37200 OK 20 kB URL HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
IP 152.199.23.37:0
File type ASCII text, with very long lines (61177)
Hash d0ed87f63b8660bd339337185abd0d22
eab58f2ada552aaaa64115714a53911b808e9960
7de61e0e2dc500867def43564fd1e74e44e81659d37017f4a2805de625b0ec0d
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oracleworkflow.firebaseapp.com
Connection: keep-alive
Referer: https://oracleworkflow.firebaseapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 10316905
cache-control: public, max-age=31536000
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
content-type: text/css
date: Tue, 31 Jan 2023 02:29:33 GMT
etag: 0x8D982C8F03AF4D4
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (ska/F769)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c56d37c1-b01e-0053-3746-d76e6f000000
x-ms-version: 2009-09-19
content-length: 19877
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js
152.199.23.37200 OK 129 kB URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js
IP 152.199.23.37:0
File type ASCII text, with very long lines (64616)
Size 129 kB (128665 bytes)
Hash 7be184a40ad9221f627469d648e8f4ce
291d54948a4d69bea0b289648879dbcf7cd2ac9f
8dc9a8ee1ce80dc85a6715e5e6188d781ec6375aa067ba1310637b24d483b7b7
GET /shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oracleworkflow.firebaseapp.com
Connection: keep-alive
Referer: https://oracleworkflow.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 7287965
cache-control: public, max-age=31536000
content-md5: e+GEpArZIh9idGnWSOj0zg==
content-type: application/x-javascript
date: Tue, 31 Jan 2023 02:29:33 GMT
etag: 0x8D99FD6608B3F3E
last-modified: Thu, 04 Nov 2021 21:02:14 GMT
server: ECAcc (ska/F7A6)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: ee0683d1-f01e-0014-0cd3-f28a01000000
x-ms-version: 2009-09-19
content-length: 128665
X-Firefox-Spdy: h2
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
152.199.23.37200 OK 13 kB URL HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
IP 152.199.23.37:0
File type Unicode text, UTF-8 text, with very long lines (32002)
Hash 1986d215d2c4f176fda42cd283b709e8
84d1de151fdccfc0d79291df554d284f79797f9a
19ea4555f2964e2375d07b1fd46e7e655ca5acbea84ade244bbe415ba9c4f416
GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oracleworkflow.firebaseapp.com
Connection: keep-alive
Referer: https://oracleworkflow.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 8473693
cache-control: public, max-age=31536000
content-md5: GYbSFdLE8Xb9pCzSg7cJ6A==
content-type: application/x-javascript
date: Tue, 31 Jan 2023 02:29:33 GMT
etag: 0x8D992B5E417004E
last-modified: Tue, 19 Oct 2021 04:06:56 GMT
server: ECAcc (ska/F73C)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 503482f5-501e-0089-330a-e8ffe2000000
x-ms-version: 2009-09-19
content-length: 12608
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7346
Expires: Tue, 31 Jan 2023 04:31:59 GMT
Date: Tue, 31 Jan 2023 02:29:33 GMT
Connection: keep-alive
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
152.199.23.37200 OK 673 B URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
IP 152.199.23.37:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1864), with no line terminators
Hash 0e176276362b94279a4492511bfcbd98
389fe6b51f62254bb98939896b8c89ebeffe2a02
9a2c174ae45cac057822844211156a5ed293e65c5f69e1d211a7206472c5c80c
GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oracleworkflow.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 14433618
cache-control: public, max-age=31536000
content-md5: DhdidjYrlCeaRJJRG/y9mA==
content-type: image/svg+xml
date: Tue, 31 Jan 2023 02:29:34 GMT
etag: 0x8D7B007297AE131
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: ECAcc (ska/F795)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 82e0eb20-701e-0011-72d5-b19fa0000000
x-ms-version: 2009-09-19
content-length: 673
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.40.49.56101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.49.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uG2TyrB7y/HOKbW+b7yhuw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tAYzcyuL6ghHQOfPr7FypJxMPF0=
aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
13.107.237.53200 OK 17 kB URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oracleworkflow.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 17174
content-type: image/x-icon
content-md5: EuPayFgGHQiAI7K9SOL6lg==
last-modified: Sun, 18 Oct 2020 03:02:03 GMT
etag: 0x8D8731230C851A6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 7acf1fd0-001e-002f-6e53-2d2f5f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0BgvYYwAAAAApl6ed2Bi3TapTKhuddoAURlJBMjMxMDUwNDE3MDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-azure-ref: 0Dn3YYwAAAADWCWFuRVQaSrsIQtqmKnVFQ1BIMzBFREdFMDQxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Tue, 31 Jan 2023 02:29:33 GMT
X-Firefox-Spdy: h2
login.live.com/Me.htm?v=3
20.190.159.22200 OK 1.1 kB URL HTTP/1.1 login.live.com/Me.htm?v=3
IP 20.190.159.22:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (2345), with CRLF line terminators
Hash 9c08f0f5b411918572bb176b56d4b747
12814f1ffd1c414337cfc57da7561f4386ec8b67
d9f196403747ff4bbf6c3d61c7319f51e33be05825ac3b5200665e6e5ee26c0e
GET /Me.htm?v=3 HTTP/1.1
Host: login.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oracleworkflow.firebaseapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=315360000
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Fri, 28 Jan 2033 02:29:35 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: 5f12d576-e9fb-4510-bc33-f0944e534e94
PPServer: PPV: 30 H: BL02EPF00006847 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=d2a7e1d493eb4913a5ec83d8f7fe5b21; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPRequ=id=N<=1675132175&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Tue, 31 Jan 2023 02:29:34 GMT
Content-Length: 1132
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3678
Expires: Tue, 31 Jan 2023 03:30:53 GMT
Date: Tue, 31 Jan 2023 02:29:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3678
Expires: Tue, 31 Jan 2023 03:30:53 GMT
Date: Tue, 31 Jan 2023 02:29:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3678
Expires: Tue, 31 Jan 2023 03:30:53 GMT
Date: Tue, 31 Jan 2023 02:29:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3678
Expires: Tue, 31 Jan 2023 03:30:53 GMT
Date: Tue, 31 Jan 2023 02:29:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 2816
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 932f9938c0cf6a0073ade7aa5fbe63ee
10b2c53728e16614bc96fbce22e98a135e8fdc16
25c6402614ad4f04d35ea2512b613a5c239609ce03886a22b1a89d62ddf344f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6660
x-amzn-requestid: d1b88b8f-d5c5-4da3-b93a-ade94338e746
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRa8DFMaIAMF2Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d071e6-1fa8a996195c9b3406399769;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:03:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HkhlfofiCFusEluIswICaWL-lR_nnmhszPSRTqZL_tRixYUUqlUZ_g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:49:14 GMT
age: 16821
etag: "10b2c53728e16614bc96fbce22e98a135e8fdc16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tAR5c5rQD0h5YZ6TU8pZKhUFUf5d0-l794EaYnwwkts3QXPhdYm6vA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:03:25 GMT
age: 19570
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a2d26da68a313cc65958fc2692351c2
798c3538f3147ca77d317676ddd1bf040bd0f93b
76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XYo_QvM8GWDyulOtUb5nVjS9PxOinaRJ3lYvCreeqd_9tHI5yv5xcQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:21 GMT
age: 16874
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 00:33:02 GMT
age: 6993
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 1980
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0b512271e64337a55ef402f4e8dae454
2c54e620df406b1ebe28dfdfc087ef26eff57334
3d826bcefa352d097b752dc8b25fbfec3980656e6d889932bde4c83d48ad4c82
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3D826BCEFA352D097B752DC8B25FBFEC3980656E6D889932BDE4C83D48AD4C82"
Last-Modified: Sun, 29 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13823
Expires: Tue, 31 Jan 2023 06:19:58 GMT
Date: Tue, 31 Jan 2023 02:29:35 GMT
Connection: keep-alive
tieraerztin-pichler.at/wp-workflow.php?url=https://oracleworkflow.firebaseapp.com/r9sarlosd072Tvonsa512TvunW1aF4znF4zrgyd07r9sonW1
168.119.8.226302 Found 0 B URL HTTP/2 tieraerztin-pichler.at/wp-workflow.php?url=https://oracleworkflow.firebaseapp.com/r9sarlosd072Tvonsa512TvunW1aF4znF4zrgyd07r9sonW1
IP 168.119.8.226:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-workflow.php?url=https://oracleworkflow.firebaseapp.com/r9sarlosd072Tvonsa512TvunW1aF4znF4zrgyd07r9sonW1 HTTP/1.1
Host: tieraerztin-pichler.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oracleworkflow.firebaseapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 31 Jan 2023 02:29:35 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://workflow.bdowh.com/?username=carlos.pons@pumaenergy.com#/cloud/oauth?client_id=0.091511551333364-0ff1-0.92404295873085&auth=10.23678794653937-0.10130333299809
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee5804942b9428b20477a6c05c458f2
b23883e5af7ce18c749352cbb0555456899ea441
88cea335a439a4fcfe5ba4c7b3f322ad10aaaf13dd40eabf7cdfc9aac2a5aa8b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CEA335A439A4FCFE5BA4C7B3F322AD10AAAF13DD40EABF7CDFC9AAC2A5AA8B"
Last-Modified: Sun, 29 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 31 Jan 2023 08:29:36 GMT
Date: Tue, 31 Jan 2023 02:29:36 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 33e403367d183257be0f03f28da923d2
a586e4052008741f8f535e7bd12a94bde81b264e
82ce104749546e6a6f76a8ddf19b67795784c06256581c13f499e80e4f713131
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:29:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
workflow.bdowh.com/?username=carlos.pons@pumaenergy.com
78.153.130.178302 Found 1.1 kB URL HTTP/2 workflow.bdowh.com/?username=carlos.pons@pumaenergy.com
IP 78.153.130.178:0
ASN #28738 LLC Company Interlan Communications
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (955), with CRLF, LF line terminators
Hash f80f519fbad7793f39f45baf3b0871d5
0fe9dcac847fc4f5e6d3d5dc9d46a599010ceb09
b09800abff2cd9ce68f177560f90167fe51fc34540f1bec5256d7cc1f531b85c
GET /?username=carlos.pons@pumaenergy.com HTTP/1.1
Host: workflow.bdowh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oracleworkflow.firebaseapp.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 31 Jan 2023 02:29:36 GMT
content-type: text/html; charset=utf-8
location: https://doubleclick.net/aclk?sa=l&ai=CiX22MRm0Y9DdM-SKtOUPv7yaEPzWzaNu9d-tquAQsdH93wUQASDYzIslYMnG5ozkpMAToAGhwJjxKMgBCagDAcgDmwSqBNkBT9Dp5t8dWcQBlDe4d5dh20Ul04HCVoWXJs61oFFltikQj1oSykzI_2FRdQ-aNO1l72ro2jsCE2yw-H9VNL6ejR2MTzCVYRzlkT4m-lH-lKLYJc-40_k09zJygDo9cg6ttq9d6p9Rl1y3YRMzN_X1Y5r2iwXtqVDqraIv-Dm9G5cwiKW8-2-AykaZyrhRUx1pQzQOjAAHVnlLGbeg2XtJtyFKBQW-OTBhMXoGAUVgm-kv4n-qPNZoctr8Vg2iBj8VkFG1HErFttzbK-GzH2tmRD3GvmMMD8HMRMAEjMrq-JoE-gUGCCUQARgAoAYugAeX1eLRA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcAwAgB0ggPCIBhEAEYADICigI6AoBA8ggNYmlkZGVyLTIzNDM0OIAKBJALA5gLAcgLAYAMAbgMAdgTDNAVAfgWAYAXAQ&ae=1&num=1&pr=2:0.44428&cid=CAQSGwDq26N9g7lUMdFJS8QkE1M0Zob561A2eQ3rfhgBIAo&sig=AOD64_3tAF0qW-0ZWDDg68iZ2Tziw4fTGA&client=ca-pub-2399441271239169&nb=9&adurl=https%3A%2F%2Fwebdse.firebaseapp.com%2fjanW1F4zsd07nW1r9sdF4zvi5kQ5kQa51r9s-au5kQonW1a5kQiond07r9sonW1
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 33e403367d183257be0f03f28da923d2
a586e4052008741f8f535e7bd12a94bde81b264e
82ce104749546e6a6f76a8ddf19b67795784c06256581c13f499e80e4f713131
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:29:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:29:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/aclk?sa=l&ai=CiX22MRm0Y9DdM-SKtOUPv7yaEPzWzaNu9d-tquAQsdH93wUQASDYzIslYMnG5ozkpMAToAGhwJjxKMgBCagDAcgDmwSqBNkBT9Dp5t8dWcQBlDe4d5dh20Ul04HCVoWXJs61oFFltikQj1oSykzI_2FRdQ-aNO1l72ro2jsCE2yw-H9VNL6ejR2MTzCVYRzlkT4m-lH-lKLYJc-40_k09zJygDo9cg6ttq9d6p9Rl1y3YRMzN_X1Y5r2iwXtqVDqraIv-Dm9G5cwiKW8-2-AykaZyrhRUx1pQzQOjAAHVnlLGbeg2XtJtyFKBQW-OTBhMXoGAUVgm-kv4n-qPNZoctr8Vg2iBj8VkFG1HErFttzbK-GzH2tmRD3GvmMMD8HMRMAEjMrq-JoE-gUGCCUQARgAoAYugAeX1eLRA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcAwAgB0ggPCIBhEAEYADICigI6AoBA8ggNYmlkZGVyLTIzNDM0OIAKBJALA5gLAcgLAYAMAbgMAdgTDNAVAfgWAYAXAQ&ae=1&num=1&pr=2:0.44428&cid=CAQSGwDq26N9g7lUMdFJS8QkE1M0Zob561A2eQ3rfhgBIAo&sig=AOD64_3tAF0qW-0ZWDDg68iZ2Tziw4fTGA&client=ca-pub-2399441271239169&nb=9&adurl=https%3A%2F%2Fwebdse.firebaseapp.com%2FjanW1F4zsd07nW1r9sdF4zvi5kQ5kQa51r9s-au5kQonW1a5kQiond07r9sonW1
142.250.74.132302 Found 0 B URL HTTP/2 www.google.com/aclk?sa=l&ai=CiX22MRm0Y9DdM-SKtOUPv7yaEPzWzaNu9d-tquAQsdH93wUQASDYzIslYMnG5ozkpMAToAGhwJjxKMgBCagDAcgDmwSqBNkBT9Dp5t8dWcQBlDe4d5dh20Ul04HCVoWXJs61oFFltikQj1oSykzI_2FRdQ-aNO1l72ro2jsCE2yw-H9VNL6ejR2MTzCVYRzlkT4m-lH-lKLYJc-40_k09zJygDo9cg6ttq9d6p9Rl1y3YRMzN_X1Y5r2iwXtqVDqraIv-Dm9G5cwiKW8-2-AykaZyrhRUx1pQzQOjAAHVnlLGbeg2XtJtyFKBQW-OTBhMXoGAUVgm-kv4n-qPNZoctr8Vg2iBj8VkFG1HErFttzbK-GzH2tmRD3GvmMMD8HMRMAEjMrq-JoE-gUGCCUQARgAoAYugAeX1eLRA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcAwAgB0ggPCIBhEAEYADICigI6AoBA8ggNYmlkZGVyLTIzNDM0OIAKBJALA5gLAcgLAYAMAbgMAdgTDNAVAfgWAYAXAQ&ae=1&num=1&pr=2:0.44428&cid=CAQSGwDq26N9g7lUMdFJS8QkE1M0Zob561A2eQ3rfhgBIAo&sig=AOD64_3tAF0qW-0ZWDDg68iZ2Tziw4fTGA&client=ca-pub-2399441271239169&nb=9&adurl=https%3A%2F%2Fwebdse.firebaseapp.com%2FjanW1F4zsd07nW1r9sdF4zvi5kQ5kQa51r9s-au5kQonW1a5kQiond07r9sonW1
IP 142.250.74.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aclk?sa=l&ai=CiX22MRm0Y9DdM-SKtOUPv7yaEPzWzaNu9d-tquAQsdH93wUQASDYzIslYMnG5ozkpMAToAGhwJjxKMgBCagDAcgDmwSqBNkBT9Dp5t8dWcQBlDe4d5dh20Ul04HCVoWXJs61oFFltikQj1oSykzI_2FRdQ-aNO1l72ro2jsCE2yw-H9VNL6ejR2MTzCVYRzlkT4m-lH-lKLYJc-40_k09zJygDo9cg6ttq9d6p9Rl1y3YRMzN_X1Y5r2iwXtqVDqraIv-Dm9G5cwiKW8-2-AykaZyrhRUx1pQzQOjAAHVnlLGbeg2XtJtyFKBQW-OTBhMXoGAUVgm-kv4n-qPNZoctr8Vg2iBj8VkFG1HErFttzbK-GzH2tmRD3GvmMMD8HMRMAEjMrq-JoE-gUGCCUQARgAoAYugAeX1eLRA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcAwAgB0ggPCIBhEAEYADICigI6AoBA8ggNYmlkZGVyLTIzNDM0OIAKBJALA5gLAcgLAYAMAbgMAdgTDNAVAfgWAYAXAQ&ae=1&num=1&pr=2:0.44428&cid=CAQSGwDq26N9g7lUMdFJS8QkE1M0Zob561A2eQ3rfhgBIAo&sig=AOD64_3tAF0qW-0ZWDDg68iZ2Tziw4fTGA&client=ca-pub-2399441271239169&nb=9&adurl=https%3A%2F%2Fwebdse.firebaseapp.com%2FjanW1F4zsd07nW1r9sdF4zvi5kQ5kQa51r9s-au5kQonW1a5kQiond07r9sonW1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oracleworkflow.firebaseapp.com/
Connection: keep-alive
Cookie: __Secure-ENID=5.SE=WgoywoGOUEmJadxoIB0r2lkzXHeKVqth1xGOa4ffzT7dUHt-ZXjx-iHV7oK7BCuj96T6WcNdOxtcPrvT6hvt4NQxsLWhAuRLpweU30AweJoV-BgqMIIyysdeq33RUY6ph26qQ9jBKSd0XSV6yoBSxOS9PmgWEsI53hUDjv_5qeI; CONSENT=PENDING+883
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 31 Jan 2023 02:29:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
location: https://www.googleadservices.com/pagead/aclk?sa=L&ai=CGghpMRm0Y9DdM-SKtOUPv7yaEPzWzaNu9d-tquAQsdH93wUQASDYzIslYMnG5ozkpMAToAGhwJjxKMgBCagDAcgDmwSqBN0BT9Dp5t8dWcQBlDe4d5dh20Ul04HCVoWXJs61oFFltikQj1oSykzI_2FRdQ-aNO1l72ro2jsCE2yw-H9VNL6ejR2MTzCVYRzlkT4m-lH-lKLYJc-408k12T9ygFo5cg6Rv69d7pQ5kKt35RbA-t78NpzJg4JGERj6lURfVzXyaQOkFnO261cf657T082VMoYDLxAn-xlF_fg1PApS6VTxDIk19IbJoSXZVXcpss_10t75dfkP7v1iOj4bhf5EbzqxRN1LZZfOnijeEURlnqfqsLASmVnW6QMHt3Wh0SfABIzK6viaBPoFBgglEAEYAKAGLoAHl9Xi0QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAMAIAdIIDwiAYRABGAAyAooCOgKAQPIIDWJpZGRlci0yMzQzNDiaCV5odHRwczovL3dlYmRzZS5maXJlYmFzZWFwcC5jb20vamFuVzFGNHpzZDA3blcxcjlzZEY0enZpNWtRNWtRYTUxcjlzLWF1NWtRb25XMWE1a1Fpb25kMDdyOXNvblcxgAoEkAsDmAsByAsBgAwBuAwB2BMM0BUB-BYBgBcB4BcC&ae=1&num=1&pr=2:0.44428&cid=CAQSGwDq26N9g7lUMdFJS8QkE1M0Zob561A2eQ3rfhgBIAo&client=ca-pub-2399441271239169&nb=9&dblrd=1&sig=AOD64_27LmWwv9PS0yAodZJF6bkbvgPrcg&adurl=https://webdse.firebaseapp.com/janW1F4zsd07nW1r9sdF4zvi5kQ5kQa51r9s-au5kQonW1a5kQiond07r9sonW1
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
x-content-type-options: nosniff
server: adclick_server
content-length: 0
x-xss-protection: 0
set-cookie: NID=511=RTHwgZyiBkqwMP7BK3VDNml0c7Jf5yJHxkwLYEVQoyNBKovCFee9eUdWRZTjrsnER8ZWCm2JyJADsyNGPkX0ovpmcpx-xA0b0SxHJ6YQ6pKkru9tNGoURi4K00bMEYiQLL56HZfzIMulCy43fdscFr5mncti-d2-4dmhGt2fe3w; expires=Wed, 02-Aug-2023 02:29:36 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:29:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 068b99770dbe915df78d29b83e82e6b4
4377189fd27feab4924b0e33e735755c00830c9b
538d56c75e0213f3dfa3f49859c796f6f53246699cd7335139a78dddc1f1f5e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:29:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/aclk?sa=L&ai=CGghpMRm0Y9DdM-SKtOUPv7yaEPzWzaNu9d-tquAQsdH93wUQASDYzIslYMnG5ozkpMAToAGhwJjxKMgBCagDAcgDmwSqBN0BT9Dp5t8dWcQBlDe4d5dh20Ul04HCVoWXJs61oFFltikQj1oSykzI_2FRdQ-aNO1l72ro2jsCE2yw-H9VNL6ejR2MTzCVYRzlkT4m-lH-lKLYJc-408k12T9ygFo5cg6Rv69d7pQ5kKt35RbA-t78NpzJg4JGERj6lURfVzXyaQOkFnO261cf657T082VMoYDLxAn-xlF_fg1PApS6VTxDIk19IbJoSXZVXcpss_10t75dfkP7v1iOj4bhf5EbzqxRN1LZZfOnijeEURlnqfqsLASmVnW6QMHt3Wh0SfABIzK6viaBPoFBgglEAEYAKAGLoAHl9Xi0QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAMAIAdIIDwiAYRABGAAyAooCOgKAQPIIDWJpZGRlci0yMzQzNDiaCV5odHRwczovL3dlYmRzZS5maXJlYmFzZWFwcC5jb20vamFuVzFGNHpzZDA3blcxcjlzZEY0enZpNWtRNWtRYTUxcjlzLWF1NWtRb25XMWE1a1Fpb25kMDdyOXNvblcxgAoEkAsDmAsByAsBgAwBuAwB2BMM0BUB-BYBgBcB4BcC&ae=1&num=1&pr=2:0.44428&cid=CAQSGwDq26N9g7lUMdFJS8QkE1M0Zob561A2eQ3rfhgBIAo&client=ca-pub-2399441271239169&nb=9&dblrd=1&sig=AOD64_27LmWwv9PS0yAodZJF6bkbvgPrcg&adurl=https://webdse.firebaseapp.com/janW1F4zsd07nW1r9sdF4zvi5kQ5kQa51r9s-au5kQonW1a5kQiond07r9sonW1
142.250.74.66302 Found 0 B URL HTTP/2 www.googleadservices.com/pagead/aclk?sa=L&ai=CGghpMRm0Y9DdM-SKtOUPv7yaEPzWzaNu9d-tquAQsdH93wUQASDYzIslYMnG5ozkpMAToAGhwJjxKMgBCagDAcgDmwSqBN0BT9Dp5t8dWcQBlDe4d5dh20Ul04HCVoWXJs61oFFltikQj1oSykzI_2FRdQ-aNO1l72ro2jsCE2yw-H9VNL6ejR2MTzCVYRzlkT4m-lH-lKLYJc-408k12T9ygFo5cg6Rv69d7pQ5kKt35RbA-t78NpzJg4JGERj6lURfVzXyaQOkFnO261cf657T082VMoYDLxAn-xlF_fg1PApS6VTxDIk19IbJoSXZVXcpss_10t75dfkP7v1iOj4bhf5EbzqxRN1LZZfOnijeEURlnqfqsLASmVnW6QMHt3Wh0SfABIzK6viaBPoFBgglEAEYAKAGLoAHl9Xi0QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAMAIAdIIDwiAYRABGAAyAooCOgKAQPIIDWJpZGRlci0yMzQzNDiaCV5odHRwczovL3dlYmRzZS5maXJlYmFzZWFwcC5jb20vamFuVzFGNHpzZDA3blcxcjlzZEY0enZpNWtRNWtRYTUxcjlzLWF1NWtRb25XMWE1a1Fpb25kMDdyOXNvblcxgAoEkAsDmAsByAsBgAwBuAwB2BMM0BUB-BYBgBcB4BcC&ae=1&num=1&pr=2:0.44428&cid=CAQSGwDq26N9g7lUMdFJS8QkE1M0Zob561A2eQ3rfhgBIAo&client=ca-pub-2399441271239169&nb=9&dblrd=1&sig=AOD64_27LmWwv9PS0yAodZJF6bkbvgPrcg&adurl=https://webdse.firebaseapp.com/janW1F4zsd07nW1r9sdF4zvi5kQ5kQa51r9s-au5kQonW1a5kQiond07r9sonW1
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/aclk?sa=L&ai=CGghpMRm0Y9DdM-SKtOUPv7yaEPzWzaNu9d-tquAQsdH93wUQASDYzIslYMnG5ozkpMAToAGhwJjxKMgBCagDAcgDmwSqBN0BT9Dp5t8dWcQBlDe4d5dh20Ul04HCVoWXJs61oFFltikQj1oSykzI_2FRdQ-aNO1l72ro2jsCE2yw-H9VNL6ejR2MTzCVYRzlkT4m-lH-lKLYJc-408k12T9ygFo5cg6Rv69d7pQ5kKt35RbA-t78NpzJg4JGERj6lURfVzXyaQOkFnO261cf657T082VMoYDLxAn-xlF_fg1PApS6VTxDIk19IbJoSXZVXcpss_10t75dfkP7v1iOj4bhf5EbzqxRN1LZZfOnijeEURlnqfqsLASmVnW6QMHt3Wh0SfABIzK6viaBPoFBgglEAEYAKAGLoAHl9Xi0QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAMAIAdIIDwiAYRABGAAyAooCOgKAQPIIDWJpZGRlci0yMzQzNDiaCV5odHRwczovL3dlYmRzZS5maXJlYmFzZWFwcC5jb20vamFuVzFGNHpzZDA3blcxcjlzZEY0enZpNWtRNWtRYTUxcjlzLWF1NWtRb25XMWE1a1Fpb25kMDdyOXNvblcxgAoEkAsDmAsByAsBgAwBuAwB2BMM0BUB-BYBgBcB4BcC&ae=1&num=1&pr=2:0.44428&cid=CAQSGwDq26N9g7lUMdFJS8QkE1M0Zob561A2eQ3rfhgBIAo&client=ca-pub-2399441271239169&nb=9&dblrd=1&sig=AOD64_27LmWwv9PS0yAodZJF6bkbvgPrcg&adurl=https://webdse.firebaseapp.com/janW1F4zsd07nW1r9sdF4zvi5kQ5kQa51r9s-au5kQonW1a5kQiond07r9sonW1 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oracleworkflow.firebaseapp.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 31 Jan 2023 02:29:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
location: https://webdse.firebaseapp.com/janW1F4zsd07nW1r9sdF4zvi5kQ5kQa51r9s-au5kQonW1a5kQiond07r9sonW1?gclid=EAIaIQobChMIkLrDq62r_AIVZAWtBh0_ngYCEAEYASABEgJxhvD_BwE
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: adclick_server
content-length: 0
x-xss-protection: 0
set-cookie: Conversion=EgwIABUAAAAAHQAAAAAYASDhrpCVvJTTgylIAWo3RUFJYUlRb2JDaE1Ja0xyRHE2MnJfQUlWWkFXdEJoMF9uZ1lDRUFFWUFTQUJFZ0p4aHZEX0J3RXC-koLA4fD8ApAB9d-tquAQmAEB; expires=Mon, 01-May-2023 02:28:57 GMT; path=/pagead/conversion/10974797857/; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1b05a0b3c19155ff38f58b7dd4606775
ef6a909125ff3c1e9ea077163a86df4028ff490e
b0708b95554274b9cf8bced7a8668069a39b99a5e216c11b6c277bb912dcecf7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:29:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webdse.firebaseapp.com/janW1F4zsd07nW1r9sdF4zvi5kQ5kQa51r9s-au5kQonW1a5kQiond07r9sonW1?gclid=EAIaIQobChMIkLrDq62r_AIVZAWtBh0_ngYCEAEYASABEgJxhvD_BwE
199.36.158.100404 Not Found 9.1 kB URL HTTP/2 webdse.firebaseapp.com/janW1F4zsd07nW1r9sdF4zvi5kQ5kQa51r9s-au5kQonW1a5kQiond07r9sonW1?gclid=EAIaIQobChMIkLrDq62r_AIVZAWtBh0_ngYCEAEYASABEgJxhvD_BwE
IP 199.36.158.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1101)
Hash a599f49a85320e7af8f6cddfbf1c46dd
924f612158a42e74b25c0359deb268cd93a87ca7
8e909afb9e933ebea49bc58cc2edd0f3fb5abc2f854b9737bb4862d4bd53f975
GET /janW1F4zsd07nW1r9sdF4zvi5kQ5kQa51r9s-au5kQonW1a5kQiond07r9sonW1?gclid=EAIaIQobChMIkLrDq62r_AIVZAWtBh0_ngYCEAEYASABEgJxhvD_BwE HTTP/1.1
Host: webdse.firebaseapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oracleworkflow.firebaseapp.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: "8e909afb9e933ebea49bc58cc2edd0f3fb5abc2f854b9737bb4862d4bd53f975"
last-modified: Mon, 30 Jan 2023 15:06:32 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 31 Jan 2023 02:29:36 GMT
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675132177.869746,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9124
X-Firefox-Spdy: h2
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
152.199.23.37200 OK 20 kB URL HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
IP 152.199.23.37:0
File type ASCII text, with very long lines (61177)
Hash d0ed87f63b8660bd339337185abd0d22
eab58f2ada552aaaa64115714a53911b808e9960
7de61e0e2dc500867def43564fd1e74e44e81659d37017f4a2805de625b0ec0d
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://webdse.firebaseapp.com
Connection: keep-alive
Referer: https://webdse.firebaseapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 10316908
cache-control: public, max-age=31536000
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
content-type: text/css
date: Tue, 31 Jan 2023 02:29:36 GMT
etag: 0x8D982C8F03AF4D4
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (ska/F769)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c56d37c1-b01e-0053-3746-d76e6f000000
x-ms-version: 2009-09-19
content-length: 19877
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/js/oneDs_472fa3a12b65cf387ccd.js
152.199.23.37200 OK 26 kB URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/js/oneDs_472fa3a12b65cf387ccd.js
IP 152.199.23.37:0
File type ASCII text, with very long lines (49529)
Hash c4099527852bb570136a02c3d2d0d7a1
b07b674fb73ddddc9bff08b48b6b147505cb2965
a3c764080babe34837f4141640fa646aa98a6963a2dcf0abfb482b6007c9fa5b
GET /shared/1.0/content/js/oneDs_472fa3a12b65cf387ccd.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webdse.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 8501443
cache-control: public, max-age=31536000
content-md5: xAmVJ4UrtXATagLD0tDXoQ==
content-type: application/x-javascript
date: Tue, 31 Jan 2023 02:29:36 GMT
etag: 0x8D9942E72241B02
last-modified: Thu, 21 Oct 2021 01:02:25 GMT
server: ECAcc (ska/F6E6)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: f8241864-001e-000b-50c9-e70aca000000
x-ms-version: 2009-09-19
content-length: 26117
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js
152.199.23.37200 OK 5.4 kB URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js
IP 152.199.23.37:0
File type ASCII text, with very long lines (14442)
Hash fa5651ac32c6a7c1a9fe1511c36697c9
192e13ecd4892c62f4c01deb684759620812d152
dd4ea852b98a6e5085f81a4b34914684c0d700180c1bbeec08e37bc953ea22ed
GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webdse.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 20674881
cache-control: public, max-age=31536000
content-md5: +lZRrDLGp8Gp/hURw2aXyQ==
content-type: application/x-javascript
date: Tue, 31 Jan 2023 02:29:36 GMT
etag: 0x8D99FD65BAB30A3
last-modified: Thu, 04 Nov 2021 21:02:05 GMT
server: ECAcc (ska/F7BE)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: d636d6ac-c01e-000a-7c12-79f4c7000000
x-ms-version: 2009-09-19
content-length: 5386
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js
152.199.23.37200 OK 129 kB URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js
IP 152.199.23.37:0
File type ASCII text, with very long lines (64616)
Size 129 kB (128665 bytes)
Hash 7be184a40ad9221f627469d648e8f4ce
291d54948a4d69bea0b289648879dbcf7cd2ac9f
8dc9a8ee1ce80dc85a6715e5e6188d781ec6375aa067ba1310637b24d483b7b7
GET /shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://webdse.firebaseapp.com
Connection: keep-alive
Referer: https://webdse.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 7287968
cache-control: public, max-age=31536000
content-md5: e+GEpArZIh9idGnWSOj0zg==
content-type: application/x-javascript
date: Tue, 31 Jan 2023 02:29:36 GMT
etag: 0x8D99FD6608B3F3E
last-modified: Thu, 04 Nov 2021 21:02:14 GMT
server: ECAcc (ska/F7A6)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: ee0683d1-f01e-0014-0cd3-f28a01000000
x-ms-version: 2009-09-19
content-length: 128665
X-Firefox-Spdy: h2
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
152.199.23.37200 OK 13 kB URL HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
IP 152.199.23.37:0
File type Unicode text, UTF-8 text, with very long lines (32002)
Hash 1986d215d2c4f176fda42cd283b709e8
84d1de151fdccfc0d79291df554d284f79797f9a
19ea4555f2964e2375d07b1fd46e7e655ca5acbea84ade244bbe415ba9c4f416
GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://webdse.firebaseapp.com
Connection: keep-alive
Referer: https://webdse.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 8473696
cache-control: public, max-age=31536000
content-md5: GYbSFdLE8Xb9pCzSg7cJ6A==
content-type: application/x-javascript
date: Tue, 31 Jan 2023 02:29:36 GMT
etag: 0x8D992B5E417004E
last-modified: Tue, 19 Oct 2021 04:06:56 GMT
server: ECAcc (ska/F73C)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 503482f5-501e-0089-330a-e8ffe2000000
x-ms-version: 2009-09-19
content-length: 12608
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
152.199.23.37200 OK 673 B URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
IP 152.199.23.37:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1864), with no line terminators
Hash 0e176276362b94279a4492511bfcbd98
389fe6b51f62254bb98939896b8c89ebeffe2a02
9a2c174ae45cac057822844211156a5ed293e65c5f69e1d211a7206472c5c80c
GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webdse.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 14433621
cache-control: public, max-age=31536000
content-md5: DhdidjYrlCeaRJJRG/y9mA==
content-type: image/svg+xml
date: Tue, 31 Jan 2023 02:29:37 GMT
etag: 0x8D7B007297AE131
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: ECAcc (ska/F795)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 82e0eb20-701e-0011-72d5-b19fa0000000
x-ms-version: 2009-09-19
content-length: 673
X-Firefox-Spdy: h2
aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
13.107.237.53200 OK 17 kB URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webdse.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 17174
content-type: image/x-icon
content-md5: EuPayFgGHQiAI7K9SOL6lg==
last-modified: Sun, 18 Oct 2020 03:02:03 GMT
etag: 0x8D8731230C851A6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 7acf1fd0-001e-002f-6e53-2d2f5f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0BgvYYwAAAAApl6ed2Bi3TapTKhuddoAURlJBMjMxMDUwNDE3MDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-azure-ref: 0EX3YYwAAAAArWooMDNUASbaB+K3FWqipQ1BIMzBFREdFMDQxOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Tue, 31 Jan 2023 02:29:36 GMT
X-Firefox-Spdy: h2
login.live.com/Me.htm?v=3
40.126.31.68200 OK 1.1 kB URL HTTP/1.1 login.live.com/Me.htm?v=3
IP 40.126.31.68:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (2345), with CRLF line terminators
Hash 9c08f0f5b411918572bb176b56d4b747
12814f1ffd1c414337cfc57da7561f4386ec8b67
d9f196403747ff4bbf6c3d61c7319f51e33be05825ac3b5200665e6e5ee26c0e
GET /Me.htm?v=3 HTTP/1.1
Host: login.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webdse.firebaseapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=315360000
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Fri, 28 Jan 2033 02:29:37 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: 7a5be12e-23a7-4ee2-b551-d6736b99d4e3
PPServer: PPV: 30 H: BL02EPF000066A7 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=6f2ccd850a504a4fbbb7acb21dcf1bf9; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPRequ=id=N<=1675132177&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Tue, 31 Jan 2023 02:29:36 GMT
Content-Length: 1132
eaglelodgealaska.com/wp-rss.php?url=https://webdse.firebaseapp.com/janW1F4zsd07nW1r9sdF4zvi5kQ5kQa51r9s-au5kQonW1a5kQiond07r9sonW1?gclid=EAIaIQobChMIkLrDq62r_AIVZAWtBh0_ngYCEAEYASABEgJxhvD_BwE
69.194.236.160302 Found 0 B URL HTTP/1.1 eaglelodgealaska.com/wp-rss.php?url=https://webdse.firebaseapp.com/janW1F4zsd07nW1r9sdF4zvi5kQ5kQa51r9s-au5kQonW1a5kQiond07r9sonW1?gclid=EAIaIQobChMIkLrDq62r_AIVZAWtBh0_ngYCEAEYASABEgJxhvD_BwE
IP 69.194.236.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-rss.php?url=https://webdse.firebaseapp.com/janW1F4zsd07nW1r9sdF4zvi5kQ5kQa51r9s-au5kQonW1a5kQiond07r9sonW1?gclid=EAIaIQobChMIkLrDq62r_AIVZAWtBh0_ngYCEAEYASABEgJxhvD_BwE HTTP/1.1
Host: eaglelodgealaska.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webdse.firebaseapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Tue, 31 Jan 2023 02:29:37 GMT
Server: Apache
Location: https://dse.p1q.eu/?username=james.mcdevitt@c-automation.com#/docusign/oauth/authorize?client_id=0.60167224872935-0ff1-0.067133916573196&auth=10.30545476139777-0.49140695598508
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 72ef33fe151c8d7fa4cb4245af90ddbe
1b7fed02c0a338a836a312ec30c9c4a7dc1d900c
2fc99d172d768d3fda9756444eb45925c4b256d68e61f296440e996c4dc62793
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2FC99D172D768D3FDA9756444EB45925C4B256D68E61F296440E996C4DC62793"
Last-Modified: Mon, 30 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21531
Expires: Tue, 31 Jan 2023 08:28:29 GMT
Date: Tue, 31 Jan 2023 02:29:38 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5c5bc701375ee726e789d906137c3327
82ae36f943c89e5b60c12f2b09ab2e6b866b3c75
6efceb2ae05906e09732571d3e9a00ede94c80404ca0c99a51cc498497c9012b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5693
Cache-Control: max-age=87877
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:29:39 GMT
Etag: "63d71b1b-1d7"
Expires: Wed, 01 Feb 2023 02:54:16 GMT
Last-Modified: Mon, 30 Jan 2023 01:19:23 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f4ab2bb9c77c38995fd6d239458b3c60
8d43354004a0253494097505c894c87bd44b6fc6
0b8538d541d710b46e5cbe56ecf7be0ae541cd632913c7991dd1f016b23ea8c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2682
Cache-Control: max-age=137405
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:29:39 GMT
Etag: "63d7e856-1d7"
Expires: Wed, 01 Feb 2023 16:39:44 GMT
Last-Modified: Mon, 30 Jan 2023 15:55:02 GMT
Server: ECS (amb/6BA9)
X-Cache: HIT
Content-Length: 471
dse.p1q.eu/?username=james.mcdevitt@c-automation.com
78.153.130.178302 Found 256 B URL HTTP/2 dse.p1q.eu/?username=james.mcdevitt@c-automation.com
IP 78.153.130.178:0
ASN #28738 LLC Company Interlan Communications
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cb4cafc7d2ec0c2a34f1cff775873021
4f54b3e368217c2a7fee53bb6d5f7be597ea3a48
ab0372181f85632f21982505e6024458903e03087c46e7c3ec01a5b44e07adf9
GET /?username=james.mcdevitt@c-automation.com HTTP/1.1
Host: dse.p1q.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webdse.firebaseapp.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 31 Jan 2023 02:29:38 GMT
content-type: text/html; charset=utf-8
location: https://eu.docusign.net/Signing/Error.aspx?e=a904c621-201d-4fd1-a83e-56c09118cb19&scope=83a054c5-ece9-4070-b2d4-ca6ae5594490
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
eu.docusign.net/Signing/Error.aspx?e=a904c621-201d-4fd1-a83e-56c09118cb19&scope=83a054c5-ece9-4070-b2d4-ca6ae5594490&AspxAutoDetectCookieSupport=1
185.81.100.28200 OK 16 kB URL HTTP/1.1 eu.docusign.net/Signing/Error.aspx?e=a904c621-201d-4fd1-a83e-56c09118cb19&scope=83a054c5-ece9-4070-b2d4-ca6ae5594490&AspxAutoDetectCookieSupport=1
IP 185.81.100.28:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11942), with CRLF line terminators
Hash db135d07619df50c392af1d32f296add
eece52b521e2a28d0668d694003b6535f92bcf3e
b0786e30ceb08a1225e764b5a6ce0db7635e6a42ffc4a64d9eda78eff2824db1
GET /Signing/Error.aspx?e=a904c621-201d-4fd1-a83e-56c09118cb19&scope=83a054c5-ece9-4070-b2d4-ca6ae5594490&AspxAutoDetectCookieSupport=1 HTTP/1.1
Host: eu.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webdse.firebaseapp.com/
Connection: keep-alive
Cookie: pv=FR3FE34_8802; AspxAutoDetectCookieSupport=1; BIGipDocuSign_EU_Signing=!72tQyfPZf0iEAx20yIacBIpTQEcSm3HO7iR+660juKZNOLK+vrx9uj8mofy72XWjh2teFCdr1ceeLA==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Encoding: br
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Set-Cookie: pv=FR3FE34_8802; path=/; secure; HttpOnly; SameSite=None
ssid=rftrlll5incrf1e5ynhbaubg; path=/; secure; HttpOnly; SameSite=None
MemberConsoleMobile=; path=/; secure; SameSite=None
BIGipDocuSign_EU_Signing=!Z0I49saHoUkE7LW0yIacBIpTQEcSm7bf9JtlI/kDTgXsSnJCCvpPP84le4RfHehdXO+Zqp1d0Wnteg==;path=/;secure;HttpOnly; Samesite=None;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 31 Jan 2023 02:29:39 GMT
Content-Length: 15503
eu.docusign.net/Signing/StyleSheets/Framework.css
185.81.100.28200 OK 1.3 kB URL HTTP/1.1 eu.docusign.net/Signing/StyleSheets/Framework.css
IP 185.81.100.28:0
File type ASCII text, with CRLF line terminators
Hash 9fb2737879c24fead094c01cbfb5fe11
3601d3f9517991356297ed79991bcf705622c9b3
dbc4302ca632913adb3871dec3f3e9e6f8aa01cc7ab4eb087be09e7248cab3cb
GET /Signing/StyleSheets/Framework.css HTTP/1.1
Host: eu.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eu.docusign.net/Signing/Error.aspx?e=a904c621-201d-4fd1-a83e-56c09118cb19&scope=83a054c5-ece9-4070-b2d4-ca6ae5594490&AspxAutoDetectCookieSupport=1
Connection: keep-alive
Cookie: pv=FR3FE34_8802; AspxAutoDetectCookieSupport=1; BIGipDocuSign_EU_Signing=!Z0I49saHoUkE7LW0yIacBIpTQEcSm7bf9JtlI/kDTgXsSnJCCvpPP84le4RfHehdXO+Zqp1d0Wnteg==; ssid=rftrlll5incrf1e5ynhbaubg; MemberConsoleMobile=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: text/css
Content-Encoding: gzip
ETag: "03c8467b32bd91:0"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 31 Jan 2023 02:29:39 GMT
Content-Length: 1339
Set-Cookie: BIGipDocuSign_EU_Signing=!l6IVTnNRgzDvCW+0yIacBIpTQEcSm6v836+0oH3m+JRjM032APdEmSFUjYOMH7dD+nPlGH5cPRd3Lg==;path=/;secure;HttpOnly;
eu.docusign.net/Signing/SigningApp/latest/css/font-faces.css?cs=35a886aa8
185.81.100.28200 OK 1.6 kB URL HTTP/1.1 eu.docusign.net/Signing/SigningApp/latest/css/font-faces.css?cs=35a886aa8
IP 185.81.100.28:0
Hash 94efe1df326362ef2423f447b0e07a42
c20c4a130a6c2bdf8d513fd82fddf7ebe7050519
ff2a6fd9f9b72c4d8292fd00f48d8be351ffa3f81c0a25d0a4ed5d5296092765
GET /Signing/SigningApp/latest/css/font-faces.css?cs=35a886aa8 HTTP/1.1
Host: eu.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eu.docusign.net/Signing/Error.aspx?e=a904c621-201d-4fd1-a83e-56c09118cb19&scope=83a054c5-ece9-4070-b2d4-ca6ae5594490&AspxAutoDetectCookieSupport=1
Connection: keep-alive
Cookie: pv=FR3FE34_8802; AspxAutoDetectCookieSupport=1; BIGipDocuSign_EU_Signing=!Z0I49saHoUkE7LW0yIacBIpTQEcSm7bf9JtlI/kDTgXsSnJCCvpPP84le4RfHehdXO+Zqp1d0Wnteg==; ssid=rftrlll5incrf1e5ynhbaubg; MemberConsoleMobile=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: text/css
ETag: "5027a0d8fcfd91:0"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 31 Jan 2023 02:29:39 GMT
Content-Length: 1560
Set-Cookie: BIGipDocuSign_EU_Signing=!bQkhFN6t5ONm55q0yIacBIpTQEcSm5rW09/0htVfudG7kXaNp5smoBnc5p/G3/b2pqp+/UJRQksUoA==;path=/;secure;HttpOnly;
eu.docusign.net/Signing/StyleSheetsDev/ErrorExpired.css
185.81.100.28200 OK 2.0 kB URL HTTP/1.1 eu.docusign.net/Signing/StyleSheetsDev/ErrorExpired.css
IP 185.81.100.28:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 3165af715e6ba5ca2b00f9ab5277cc8c
99697540aac85b979624e1a09483418a4c30bd11
08034c30a67418dd7bff599a0ea4ecb87315d485adb3bd1774afc36b33705317
GET /Signing/StyleSheetsDev/ErrorExpired.css HTTP/1.1
Host: eu.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eu.docusign.net/Signing/Error.aspx?e=a904c621-201d-4fd1-a83e-56c09118cb19&scope=83a054c5-ece9-4070-b2d4-ca6ae5594490&AspxAutoDetectCookieSupport=1
Connection: keep-alive
Cookie: pv=FR3FE34_8802; AspxAutoDetectCookieSupport=1; BIGipDocuSign_EU_Signing=!Z0I49saHoUkE7LW0yIacBIpTQEcSm7bf9JtlI/kDTgXsSnJCCvpPP84le4RfHehdXO+Zqp1d0Wnteg==; ssid=rftrlll5incrf1e5ynhbaubg; MemberConsoleMobile=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: text/css
ETag: "1b9c5e8bae2bd91:0"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 31 Jan 2023 02:29:39 GMT
Content-Length: 2048
eu.docusign.net/Signing/client_scripts/jQuery/jquery-1.12.3.min.js
185.81.100.28200 OK 34 kB URL HTTP/1.1 eu.docusign.net/Signing/client_scripts/jQuery/jquery-1.12.3.min.js
IP 185.81.100.28:0
File type ASCII text, with very long lines (32029), with CRLF line terminators
Hash eda5042559f1683ec7c7e896a582a89c
808d6caa3e9629b6ce48463cb1c274f0e16dd86c
7eba55dd82536a221bc423dba881df158e73e8e26d7da9117ce0186b07814cbc
GET /Signing/client_scripts/jQuery/jquery-1.12.3.min.js HTTP/1.1
Host: eu.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eu.docusign.net/Signing/Error.aspx?e=a904c621-201d-4fd1-a83e-56c09118cb19&scope=83a054c5-ece9-4070-b2d4-ca6ae5594490&AspxAutoDetectCookieSupport=1
Connection: keep-alive
Cookie: pv=FR3FE34_8802; AspxAutoDetectCookieSupport=1; BIGipDocuSign_EU_Signing=!l6IVTnNRgzDvCW+0yIacBIpTQEcSm6v836+0oH3m+JRjM032APdEmSFUjYOMH7dD+nPlGH5cPRd3Lg==; ssid=rftrlll5incrf1e5ynhbaubg; MemberConsoleMobile=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: application/javascript
Content-Encoding: gzip
ETag: "804e918bae2bd91:0"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 31 Jan 2023 02:29:39 GMT
Content-Length: 33900
eu.docusign.net/Signing/Images/controls/btn_arrow_u.png
185.81.100.28200 OK 3.0 kB URL HTTP/1.1 eu.docusign.net/Signing/Images/controls/btn_arrow_u.png
IP 185.81.100.28:0
File type PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash c863db426897325cb4805b2c20f51f30
a426fe43f0ce1a489ce091cc27768cdcc2991210
2a5179b8851c8e3dfc77d7dcb33b3963afa037608336d6ae412acaa38ad59d22
GET /Signing/Images/controls/btn_arrow_u.png HTTP/1.1
Host: eu.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eu.docusign.net/Signing/Error.aspx?e=a904c621-201d-4fd1-a83e-56c09118cb19&scope=83a054c5-ece9-4070-b2d4-ca6ae5594490&AspxAutoDetectCookieSupport=1
Connection: keep-alive
Cookie: pv=FR3FE34_8802; AspxAutoDetectCookieSupport=1; BIGipDocuSign_EU_Signing=!Z0I49saHoUkE7LW0yIacBIpTQEcSm7bf9JtlI/kDTgXsSnJCCvpPP84le4RfHehdXO+Zqp1d0Wnteg==; ssid=rftrlll5incrf1e5ynhbaubg; MemberConsoleMobile=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: image/png
ETag: "185e18bae2bd91:0"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 31 Jan 2023 02:29:39 GMT
Content-Length: 2961
eu.docusign.net/Signing/Images/logo_docusign_new_white.png
185.81.100.28200 OK 4.0 kB URL HTTP/1.1 eu.docusign.net/Signing/Images/logo_docusign_new_white.png
IP 185.81.100.28:0
File type PNG image data, 231 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash 2b83c7b55dd89651ccbf62a5153d1984
e6664bc6d6ac06aac70abbe21cbd83adb776441a
edd5eb91a05ef65653a6e9c4ddb60482ee93ad2994c1925cd2b7a310e7bdcc73
GET /Signing/Images/logo_docusign_new_white.png HTTP/1.1
Host: eu.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eu.docusign.net/Signing/Error.aspx?e=a904c621-201d-4fd1-a83e-56c09118cb19&scope=83a054c5-ece9-4070-b2d4-ca6ae5594490&AspxAutoDetectCookieSupport=1
Connection: keep-alive
Cookie: pv=FR3FE34_8802; AspxAutoDetectCookieSupport=1; BIGipDocuSign_EU_Signing=!Z0I49saHoUkE7LW0yIacBIpTQEcSm7bf9JtlI/kDTgXsSnJCCvpPP84le4RfHehdXO+Zqp1d0Wnteg==; ssid=rftrlll5incrf1e5ynhbaubg; MemberConsoleMobile=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: image/png
ETag: "ba27258bae2bd91:0"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 31 Jan 2023 02:29:39 GMT
Content-Length: 4010
Set-Cookie: BIGipDocuSign_EU_Signing=!8rwQSZZCB2nE+Ke0yIacBIpTQEcSm8HMhebk4U1DTDkeeYO2dd+JzG4FqPsRZhhL0lhRijIziVq5bA==;path=/;secure;HttpOnly;
eu.docusign.net/Signing/Image.aspx?i=logo&l=96c1b788-5800-4e73-9b1c-ae9f201ebd9b
185.81.100.28200 OK 22 kB URL HTTP/1.1 eu.docusign.net/Signing/Image.aspx?i=logo&l=96c1b788-5800-4e73-9b1c-ae9f201ebd9b
IP 185.81.100.28:0
File type PNG image data, 396 x 98, 8-bit/color RGBA, non-interlaced\012- data
Hash b8b3972769cba74b2d457d66625ea3c0
f51fdac3aacbeb93cc0351014c48cd57e1ad8a2d
cee7b1849cc471d5fbb80d295ac43a32036cc69f5b82ff6bf2be86d8f55a4c96
GET /Signing/Image.aspx?i=logo&l=96c1b788-5800-4e73-9b1c-ae9f201ebd9b HTTP/1.1
Host: eu.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eu.docusign.net/Signing/Error.aspx?e=a904c621-201d-4fd1-a83e-56c09118cb19&scope=83a054c5-ece9-4070-b2d4-ca6ae5594490&AspxAutoDetectCookieSupport=1
Connection: keep-alive
Cookie: pv=FR3FE34_8802; AspxAutoDetectCookieSupport=1; BIGipDocuSign_EU_Signing=!Z0I49saHoUkE7LW0yIacBIpTQEcSm7bf9JtlI/kDTgXsSnJCCvpPP84le4RfHehdXO+Zqp1d0Wnteg==; ssid=rftrlll5incrf1e5ynhbaubg; MemberConsoleMobile=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: image/png
ETag: d161e8a7-b781-458c-849f-3b39e0e41132
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: pv=FR3FE34_8802; path=/; secure; HttpOnly; SameSite=None
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 31 Jan 2023 02:29:39 GMT
Content-Length: 21966
eu.docusign.net/Signing/SigningApp/latest/fonts/helvetica-neue/HelveticaNeue.woff
185.81.100.28200 OK 48 kB URL HTTP/1.1 eu.docusign.net/Signing/SigningApp/latest/fonts/helvetica-neue/HelveticaNeue.woff
IP 185.81.100.28:0
File type Web Open Font Format, TrueType, length 47748, version 1.0\012- data
Hash 4a573fac9111d6adcb3994983539bd75
69bebefe9edeac85cc27516dbe0ea176c1c2c25c
dac5803d6cbe40244dfd39661406239f83e94e86c976e7229a4e35305a9b5efe
GET /Signing/SigningApp/latest/fonts/helvetica-neue/HelveticaNeue.woff HTTP/1.1
Host: eu.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://eu.docusign.net/Signing/SigningApp/latest/css/font-faces.css?cs=35a886aa8
Cookie: pv=FR3FE34_8802; AspxAutoDetectCookieSupport=1; BIGipDocuSign_EU_Signing=!8rwQSZZCB2nE+Ke0yIacBIpTQEcSm8HMhebk4U1DTDkeeYO2dd+JzG4FqPsRZhhL0lhRijIziVq5bA==; ssid=rftrlll5incrf1e5ynhbaubg; MemberConsoleMobile=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: application/font-woff
ETag: "5027a0d8fcfd91:0"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 31 Jan 2023 02:29:39 GMT
Content-Length: 47748
eu.docusign.net/Signing/SigningApp/latest/fonts/maven-pro/MavenPro-Bold.woff
185.81.100.28200 OK 34 kB URL HTTP/1.1 eu.docusign.net/Signing/SigningApp/latest/fonts/maven-pro/MavenPro-Bold.woff
IP 185.81.100.28:0
File type Web Open Font Format, CFF, length 33752, version 0.0\012- data
Hash 4de7535f6f5df8d5437c21c068ddb0ec
3553204b4624ca41cf1c4f3bd9b37d8c968cba23
8f6a520a392ff62149e5fc5aa87bfab9b3816cd6010d4d4fca194e8683ca498b
GET /Signing/SigningApp/latest/fonts/maven-pro/MavenPro-Bold.woff HTTP/1.1
Host: eu.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://eu.docusign.net/Signing/SigningApp/latest/css/font-faces.css?cs=35a886aa8
Cookie: pv=FR3FE34_8802; AspxAutoDetectCookieSupport=1; BIGipDocuSign_EU_Signing=!8rwQSZZCB2nE+Ke0yIacBIpTQEcSm8HMhebk4U1DTDkeeYO2dd+JzG4FqPsRZhhL0lhRijIziVq5bA==; ssid=rftrlll5incrf1e5ynhbaubg; MemberConsoleMobile=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: application/font-woff
ETag: "5027a0d8fcfd91:0"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 31 Jan 2023 02:29:39 GMT
Content-Length: 33752
eu.docusign.net/Signing/SigningApp/latest/fonts/maven-pro/MavenPro-Regular.woff
185.81.100.28200 OK 35 kB URL HTTP/1.1 eu.docusign.net/Signing/SigningApp/latest/fonts/maven-pro/MavenPro-Regular.woff
IP 185.81.100.28:0
File type Web Open Font Format, CFF, length 34820, version 0.0\012- data
Hash fd117c9eb999e35d64be1515d5b2192d
b0fae4091ac17a28c47af531a9d5b73b4c35f6bd
553582be8a5d2779d1a9e9c3a6698fd4d365e01353d8876a7204db68fcd1d12d
GET /Signing/SigningApp/latest/fonts/maven-pro/MavenPro-Regular.woff HTTP/1.1
Host: eu.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://eu.docusign.net/Signing/SigningApp/latest/css/font-faces.css?cs=35a886aa8
Cookie: pv=FR3FE34_8802; AspxAutoDetectCookieSupport=1; BIGipDocuSign_EU_Signing=!8rwQSZZCB2nE+Ke0yIacBIpTQEcSm8HMhebk4U1DTDkeeYO2dd+JzG4FqPsRZhhL0lhRijIziVq5bA==; ssid=rftrlll5incrf1e5ynhbaubg; MemberConsoleMobile=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: application/font-woff
ETag: "5027a0d8fcfd91:0"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 31 Jan 2023 02:29:39 GMT
Content-Length: 34820
Set-Cookie: BIGipDocuSign_EU_Signing=!xO2CEK0jeTj4WfC0yIacBIpTQEcSm+qyI3tc1m69w96msPXl0Xenauuy0GLB59/DZBdvvqwjmJc+zA==;path=/;secure;HttpOnly;
eu.docusign.net/Signing/SigningApp/latest/fonts/helvetica-neue/HelveticaNeue-Bold.woff
185.81.100.28200 OK 38 kB URL HTTP/1.1 eu.docusign.net/Signing/SigningApp/latest/fonts/helvetica-neue/HelveticaNeue-Bold.woff
IP 185.81.100.28:0
File type Web Open Font Format, TrueType, length 37560, version 1.0\012- data
Hash b9d0556a2c620a939d54c63be3df6c6c
97968884d4c5a93c46ab1334ce9e9156c694ea4d
90973db3f26fe86b648ec735f3183b44902e5cedf2b1a042402bac39da70404f
GET /Signing/SigningApp/latest/fonts/helvetica-neue/HelveticaNeue-Bold.woff HTTP/1.1
Host: eu.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://eu.docusign.net/Signing/SigningApp/latest/css/font-faces.css?cs=35a886aa8
Cookie: pv=FR3FE34_8802; AspxAutoDetectCookieSupport=1; BIGipDocuSign_EU_Signing=!8rwQSZZCB2nE+Ke0yIacBIpTQEcSm8HMhebk4U1DTDkeeYO2dd+JzG4FqPsRZhhL0lhRijIziVq5bA==; ssid=rftrlll5incrf1e5ynhbaubg; MemberConsoleMobile=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: application/font-woff
ETag: "5027a0d8fcfd91:0"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 31 Jan 2023 02:29:39 GMT
Content-Length: 37560
docucdn-a.akamaihd.net/v/static/mixpanel-2-2-1b.js
23.36.76.243200 OK 26 kB URL HTTP/2 docucdn-a.akamaihd.net/v/static/mixpanel-2-2-1b.js
IP 23.36.76.243:0
ASN #20940 Akamai International B.V.
Hash 72b894ccd2a1349824be26c74169bc02
7033e6f80eb591c2d556b411d3e5b87361cdc1c3
ec10d562179623af25d5dc3e465f84968c76525ec8b9111c29b2f18ea1888c6b
GET /v/static/mixpanel-2-2-1b.js HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eu.docusign.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "ece7a224f69ab2205d90900589ae1d05:1527120741"
last-modified: Thu, 24 May 2018 00:08:49 GMT
server: AkamaiNetStorage
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Wed, 31 Jan 2024 02:29:39 GMT
date: Tue, 31 Jan 2023 02:29:39 GMT
content-length: 26533
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
docucdn-a.akamaihd.net/olive/images/2.15.0/favicons/android-chrome-512x512.png
23.36.76.243200 OK 2.2 kB URL HTTP/2 docucdn-a.akamaihd.net/olive/images/2.15.0/favicons/android-chrome-512x512.png
IP 23.36.76.243:0
ASN #20940 Akamai International B.V.
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 97f481a386a8bca43554a88332fb91e5
50d416da28fd5dd142d0775c3cf93e027b6a60d8
ef58bad5c4b087d131d5098e7022ef5eb480c01c4e76041e97db06c9f3c1bc4b
GET /olive/images/2.15.0/favicons/android-chrome-512x512.png HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eu.docusign.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: AkamaiGHost
mime-version: 1.0
unused62: 8096267
accept-ranges: bytes
content-type: image/png
etag: "19afd5a33a141c1a34505a1d90d24c72:1584027770.130477"
last-modified: Thu, 12 Mar 2020 15:40:31 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3628800
date: Tue, 31 Jan 2023 02:29:39 GMT
content-length: 2185
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
docucdn-a.akamaihd.net/olive/images/2.15.0/favicons/favicon-16x16.png
23.36.76.243200 OK 592 B URL HTTP/2 docucdn-a.akamaihd.net/olive/images/2.15.0/favicons/favicon-16x16.png
IP 23.36.76.243:0
ASN #20940 Akamai International B.V.
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash ab07127e18c443a7dba6879192584ec2
ead4f2a2292931a4cc4968299925de1054d85788
bcdd55a8ef3fa1d6b37cd851da72d503315f087c965597d1ee51598a4ada6fa9
GET /olive/images/2.15.0/favicons/favicon-16x16.png HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eu.docusign.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: AkamaiGHost
mime-version: 1.0
unused62: 8096267
accept-ranges: bytes
content-type: image/png
etag: "ab07127e18c443a7dba6879192584ec2:1584027770.440594"
last-modified: Thu, 12 Mar 2020 15:40:31 GMT
content-length: 592
cache-control: max-age=3628800
date: Tue, 31 Jan 2023 02:29:39 GMT
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 996ce6b1570d4a0010f79306cbd6ce17
256c3e19b145ce315e62f91fc429b1a24960ece4
57b17fe75b2fcb27cb58f4fffb16c84586e3dfffa37bbf5d128b49f05edb84b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5824
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:29:39 GMT
Etag: "63d78fa8-1d7"
Last-Modified: Tue, 31 Jan 2023 00:52:35 GMT
Server: ECS (amb/6B72)
X-Cache: HIT
Content-Length: 471
api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkZpcmVmb3giLCIkcmVmZXJyaW5nX2RvbWFpbiI6ICJ3ZWJkc2UuZmlyZWJhc2VhcHAuY29tIiwiJHNjcmVlbl9oZWlnaHQiOiAxMDI0LCIkc2NyZWVuX3dpZHRoIjogMTI4MCwibXBfbGliIjogIndlYiIsImRpc3RpbmN0X2lkIjogIkVCRTlEMTlERDc1NzA1RTAzNzRBRkYzNjc2REVEOTM0NDFGNjZDRDkiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIndlYmRzZS5maXJlYmFzZWFwcC5jb20iLCJtcF9wYWdlIjogImV1LmRvY3VzaWduLm5ldCIsIm1wX3JlZmVycmVyIjogIndlYmRzZS5maXJlYmFzZWFwcC5jb20iLCJtcF9icm93c2VyIjogIkZpcmVmb3giLCJtcF9wbGF0Zm9ybSI6ICJXaW5kb3dzIiwidG9rZW4iOiAiMzA0Y2NiZGUyNGQzYjE1ZmZlMmQ1ZGUzMGMxMGRhYjIifX0%3D&ip=1&_=1675132194653
35.186.241.51200 OK 1 B URL HTTP/2 api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkZpcmVmb3giLCIkcmVmZXJyaW5nX2RvbWFpbiI6ICJ3ZWJkc2UuZmlyZWJhc2VhcHAuY29tIiwiJHNjcmVlbl9oZWlnaHQiOiAxMDI0LCIkc2NyZWVuX3dpZHRoIjogMTI4MCwibXBfbGliIjogIndlYiIsImRpc3RpbmN0X2lkIjogIkVCRTlEMTlERDc1NzA1RTAzNzRBRkYzNjc2REVEOTM0NDFGNjZDRDkiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIndlYmRzZS5maXJlYmFzZWFwcC5jb20iLCJtcF9wYWdlIjogImV1LmRvY3VzaWduLm5ldCIsIm1wX3JlZmVycmVyIjogIndlYmRzZS5maXJlYmFzZWFwcC5jb20iLCJtcF9icm93c2VyIjogIkZpcmVmb3giLCJtcF9wbGF0Zm9ybSI6ICJXaW5kb3dzIiwidG9rZW4iOiAiMzA0Y2NiZGUyNGQzYjE1ZmZlMmQ1ZGUzMGMxMGRhYjIifX0%3D&ip=1&_=1675132194653
IP 35.186.241.51:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkZpcmVmb3giLCIkcmVmZXJyaW5nX2RvbWFpbiI6ICJ3ZWJkc2UuZmlyZWJhc2VhcHAuY29tIiwiJHNjcmVlbl9oZWlnaHQiOiAxMDI0LCIkc2NyZWVuX3dpZHRoIjogMTI4MCwibXBfbGliIjogIndlYiIsImRpc3RpbmN0X2lkIjogIkVCRTlEMTlERDc1NzA1RTAzNzRBRkYzNjc2REVEOTM0NDFGNjZDRDkiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIndlYmRzZS5maXJlYmFzZWFwcC5jb20iLCJtcF9wYWdlIjogImV1LmRvY3VzaWduLm5ldCIsIm1wX3JlZmVycmVyIjogIndlYmRzZS5maXJlYmFzZWFwcC5jb20iLCJtcF9icm93c2VyIjogIkZpcmVmb3giLCJtcF9wbGF0Zm9ybSI6ICJXaW5kb3dzIiwidG9rZW4iOiAiMzA0Y2NiZGUyNGQzYjE1ZmZlMmQ1ZGUzMGMxMGRhYjIifX0%3D&ip=1&_=1675132194653 HTTP/1.1
Host: api.mixpanel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eu.docusign.net/
Origin: https://eu.docusign.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://eu.docusign.net
access-control-expose-headers: X-MP-CE-Backoff
access-control-max-age: 1728000
cache-control: no-cache, no-store
content-type: application/json
strict-transport-security: max-age=604800; includeSubDomains
date: Tue, 31 Jan 2023 02:29:40 GMT
content-length: 1
x-envoy-upstream-service-time: 0
server: envoy
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2