cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
65.109.21.248301 Moved Permanently 169 B URL HTTP/1.1 cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 84855c13836b389d5ec7cfd4c9266173
1cf3056ff23c4176fd7ca9816a000ed461d6d323
502083c916ae481cdd413b8d93315300653df5fb3dcc5770c01991de19977eae
Analyzer Verdict Alert fortinet Phishing
GET /campaigns/jk26938711cab/web-version/fe639k4p2q18f HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:00 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9329
Expires: Tue, 07 Feb 2023 13:31:29 GMT
Date: Tue, 07 Feb 2023 10:56:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2697
Expires: Tue, 07 Feb 2023 11:40:57 GMT
Date: Tue, 07 Feb 2023 10:56:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5134
Expires: Tue, 07 Feb 2023 12:21:34 GMT
Date: Tue, 07 Feb 2023 10:56:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 10:34:08 GMT
content-type: application/json
age: 1312
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jxASqEhcMnq1qbZCRC1pvtIjWiaeuuEqA1orE0WrdE/yHht3ENfVTV+ljKgoyb4NWwkwBrDr/kk=
x-amz-request-id: HA80KA1130GFYN1E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 10:45:32 GMT
age: 628
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 10:56:00 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 92e09cf6e6daf34b4b1e27db0a46d267
bcb3691b9dc28eb013dfc8b51961ff5d8daf0cb1
ac62c1f507f6b9dfcc20fc5ba1aaf76fe870492a0a88619657f79fe56d63a04c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC62C1F507F6B9DFCC20FC5BA1AAF76FE870492A0A88619657F79FE56D63A04C"
Last-Modified: Sun, 05 Feb 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12795
Expires: Tue, 07 Feb 2023 14:29:16 GMT
Date: Tue, 07 Feb 2023 10:56:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 10:51:19 GMT
age: 282
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
65.109.21.248200 OK 37 kB URL HTTP/1.1 cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (908)
Hash ccc509b406235b81b7d29e8c81f7a7dd
24f01b589193332ff4abe954a9182cf34328410f
b398ed9df4d19258b895c71cd0da2b949930a57ad109985a1b1342bc52525d72
Analyzer Verdict Alert fortinet Phishing
GET /campaigns/jk26938711cab/web-version/fe639k4p2q18f HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Set-Cookie: mwsid=3g60v58n3k60hgaje72i4acv54; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/hero.jpg
65.109.21.248200 OK 82 kB URL HTTP/1.1 cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/hero.jpg
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x636, components 3\012- data
Hash 33c5714d7a489e32d8d87bbc78848d0a
d5837e7b5a3679b5572623f890ba4a3fb0a1d790
1e1516033fc9e8a46fe89f6ebbf3187fd0c2b1da0bba8c1ace35cbe0e7c84b4e
GET /frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/hero.jpg HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
Cookie: mwsid=3g60v58n3k60hgaje72i4acv54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: image/jpeg
Content-Length: 82202
Last-Modified: Fri, 15 Jul 2022 14:50:30 GMT
Connection: keep-alive
ETag: "62d17eb6-1411a"
Expires: Wed, 07 Feb 2024 10:56:01 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/2.jpg
65.109.21.248200 OK 3.0 kB URL HTTP/1.1 cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/2.jpg
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Hash 1fa50f05ee73e2a20c345118c405dd8c
ba2c0a0e7153b737857299463d20d0ee183aa524
b874f1f1d0a490aafcf20a5a2894946e35455b075a0b54310fe2df8bbeb0a8a7
GET /frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/2.jpg HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
Cookie: mwsid=3g60v58n3k60hgaje72i4acv54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: image/jpeg
Content-Length: 3012
Last-Modified: Fri, 15 Jul 2022 14:51:01 GMT
Connection: keep-alive
ETag: "62d17ed5-bc4"
Expires: Wed, 07 Feb 2024 10:56:01 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/3.jpg
65.109.21.248200 OK 3.1 kB URL HTTP/1.1 cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/3.jpg
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Hash a18f5b707ae2afc1d13f5fc7bb323b3c
925db8e84335f4f390f0c1bcdf7141d0ff7a1e27
48ca7b8e6db211ee92ebb6e6724b0c1a81a4cffcf3190d3ecf90fdfce71276c9
GET /frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/3.jpg HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
Cookie: mwsid=3g60v58n3k60hgaje72i4acv54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: image/jpeg
Content-Length: 3076
Last-Modified: Fri, 15 Jul 2022 14:51:09 GMT
Connection: keep-alive
ETag: "62d17edd-c04"
Expires: Wed, 07 Feb 2024 10:56:01 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/1.jpg
65.109.21.248200 OK 2.6 kB URL HTTP/1.1 cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/1.jpg
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Hash 61b6c9aa813e09f7c6f8428e5a607feb
0a8d0a08f98b971887bb03021b54201b7446ac22
4858cba1fcc7fdedfd4fc8aba620d591137466ddbd9fa96dd68771f004f762d9
GET /frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/1.jpg HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
Cookie: mwsid=3g60v58n3k60hgaje72i4acv54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: image/jpeg
Content-Length: 2606
Last-Modified: Fri, 15 Jul 2022 14:50:53 GMT
Connection: keep-alive
ETag: "62d17ecd-a2e"
Expires: Wed, 07 Feb 2024 10:56:01 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/4.jpg
65.109.21.248200 OK 3.1 kB URL HTTP/1.1 cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/4.jpg
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Hash 8e9fd9e56ed34452455a533f19ac6fb1
a13fa8787397003e4e3f076ff23f18be9a1a64f7
24ba03463dbf6adb59424a7a2ff4f2d19ed2a91ea023e89e17aaf0d45c356e88
GET /frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/4.jpg HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
Cookie: mwsid=3g60v58n3k60hgaje72i4acv54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: image/jpeg
Content-Length: 3143
Last-Modified: Fri, 15 Jul 2022 14:51:15 GMT
Connection: keep-alive
ETag: "62d17ee3-c47"
Expires: Wed, 07 Feb 2024 10:56:01 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/app-1.jpg
65.109.21.248200 OK 16 kB URL HTTP/1.1 cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/app-1.jpg
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 434x130, components 3\012- data
Hash 2cfa4dc81c643dea6b892020f26920b5
18deb94bf0baf3f06831c73852bfb85840bed60f
f2022cc664cc6304980c919ae575c54d898179f87f40dd933f4adce9379ae8c3
GET /frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/app-1.jpg HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
Cookie: mwsid=3g60v58n3k60hgaje72i4acv54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: image/jpeg
Content-Length: 15888
Last-Modified: Fri, 15 Jul 2022 14:50:41 GMT
Connection: keep-alive
ETag: "62d17ec1-3e10"
Expires: Wed, 07 Feb 2024 10:56:01 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/app-2.jpg
65.109.21.248200 OK 16 kB URL HTTP/1.1 cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/app-2.jpg
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 434x130, components 3\012- data
Hash 46c2ac68826ecf53a97e718d8952d81f
f6b5afb9ea01fd4e133557d7b2099525976976c5
ca9c46eb3b8bd3760d50451425336c6171c04a19d2f45f6aeb5eae5ce446b934
GET /frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/app-2.jpg HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
Cookie: mwsid=3g60v58n3k60hgaje72i4acv54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: image/jpeg
Content-Length: 16545
Last-Modified: Fri, 15 Jul 2022 14:50:47 GMT
Connection: keep-alive
ETag: "62d17ec7-40a1"
Expires: Wed, 07 Feb 2024 10:56:01 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/sign.jpg
65.109.21.248200 OK 5.6 kB URL HTTP/1.1 cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/sign.jpg
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 100x100, components 3\012- data
Hash d846f8eafa9d5df665aa0c06e4e0259a
f77271780c97cf570da9b1cbbae7019370893a08
82ef0dd3ee4ff1c2e6955778dc2b8b4ec49383c51f9bb3d2cc3b944fb4c1414b
GET /frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/sign.jpg HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
Cookie: mwsid=3g60v58n3k60hgaje72i4acv54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: image/jpeg
Content-Length: 5626
Last-Modified: Fri, 15 Jul 2022 14:52:05 GMT
Connection: keep-alive
ETag: "62d17f15-15fa"
Expires: Wed, 07 Feb 2024 10:56:01 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
cluster1.mailsenpai.com/frontend/assets/files/custom-logo.png
65.109.21.248200 OK 5.6 kB URL HTTP/1.1 cluster1.mailsenpai.com/frontend/assets/files/custom-logo.png
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7391b7c8354f2c3e4692edf5075d852d
c396f2f436ad0b582d528b89bfdfe155db7add34
7dd3782d11059f5148bfe8f1a4ef29f0273eaea73c9df41fabb6e31d0c952655
GET /frontend/assets/files/custom-logo.png HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
Cookie: mwsid=3g60v58n3k60hgaje72i4acv54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: image/png
Content-Length: 5614
Last-Modified: Wed, 13 Oct 2021 17:16:31 GMT
Connection: keep-alive
ETag: "6167146f-15ee"
Expires: Wed, 07 Feb 2024 10:56:01 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/testimonial-1.jpg
65.109.21.248200 OK 19 kB URL HTTP/1.1 cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/testimonial-1.jpg
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 280x253, components 3\012- data
Hash 7e122c0def0f54470243c3cf2d1a6509
f6724a96b6d0f135a0f69b32a70d599e3027eb70
ec430e6487eb1244a3c408654a24e8cc2a49b7349f430f82debff704209b2bb7
GET /frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/testimonial-1.jpg HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
Cookie: mwsid=3g60v58n3k60hgaje72i4acv54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: image/jpeg
Content-Length: 19435
Last-Modified: Fri, 15 Jul 2022 14:51:24 GMT
Connection: keep-alive
ETag: "62d17eec-4beb"
Expires: Wed, 07 Feb 2024 10:56:01 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/testimonial-2.jpg
65.109.21.248200 OK 23 kB URL HTTP/1.1 cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/testimonial-2.jpg
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 280x281, components 3\012- data
Hash dec267eb9130ab4c16877e2b6990caa6
8d7631186d10842d3b10cf181792883f18c9976a
936b6200ba54e5a6d1c4ef220c88c31b7f4f4b4c275a91572b9250b2528ac5b2
GET /frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/testimonial-2.jpg HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
Cookie: mwsid=3g60v58n3k60hgaje72i4acv54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: image/jpeg
Content-Length: 22727
Last-Modified: Fri, 15 Jul 2022 14:51:32 GMT
Connection: keep-alive
ETag: "62d17ef4-58c7"
Expires: Wed, 07 Feb 2024 10:56:01 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/testimonial-5.jpg
65.109.21.248200 OK 9.5 kB URL HTTP/1.1 cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/testimonial-5.jpg
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 260x79, components 3\012- data
Hash 23ff6851786c2eaa7c1de1063fd3469b
80ae67a56c5433e15ee3a591eed160f6db27480d
ae6fe67c84b853e4a5b05c32118c987cdc61f698479e756ab0bea69881220f4d
GET /frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/testimonial-5.jpg HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
Cookie: mwsid=3g60v58n3k60hgaje72i4acv54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: image/jpeg
Content-Length: 9483
Last-Modified: Fri, 15 Jul 2022 14:51:57 GMT
Connection: keep-alive
ETag: "62d17f0d-250b"
Expires: Wed, 07 Feb 2024 10:56:01 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7590
Expires: Tue, 07 Feb 2023 13:02:31 GMT
Date: Tue, 07 Feb 2023 10:56:01 GMT
Connection: keep-alive
cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/testimonial-3.jpg
65.109.21.248200 OK 29 kB URL HTTP/1.1 cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/testimonial-3.jpg
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 280x325, components 3\012- data
Hash d54f29abee7f41131ae3299c0b3272e3
903813ec9a38385c0178a2d503966aab81fc998b
4fb0c4c84a362d684cd69eedb85e0988bb2609b155899b38c180f32397e8991c
GET /frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/testimonial-3.jpg HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
Cookie: mwsid=3g60v58n3k60hgaje72i4acv54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: image/jpeg
Content-Length: 29354
Last-Modified: Fri, 15 Jul 2022 14:51:39 GMT
Connection: keep-alive
ETag: "62d17efb-72aa"
Expires: Wed, 07 Feb 2024 10:56:01 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/testimonial-4.jpg
65.109.21.248200 OK 18 kB URL HTTP/1.1 cluster1.mailsenpai.com/frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/testimonial-4.jpg
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 280x253, components 3\012- data
Hash 8061fe4ef1ab9c6caeebf0f2ac898594
af0367453f5490521f0bf62e2ba21edc7b704f35
b0925caa7d7180eaea63519316aa375a075f13104aa5b5db5e5e8a09e7f16ebd
GET /frontend/assets/files/customer/ky027ejggmd37/22/lug22/wbm/lloydsdirect/testimonial-4.jpg HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
Cookie: mwsid=3g60v58n3k60hgaje72i4acv54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: image/jpeg
Content-Length: 18351
Last-Modified: Fri, 15 Jul 2022 14:51:48 GMT
Connection: keep-alive
ETag: "62d17f04-47af"
Expires: Wed, 07 Feb 2024 10:56:01 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
tracking.8-95fe3-wbm.co.uk/track/view.php?wcc=b3cab2004cf68c5a762b86b3b45dc160&wchwci=164716&pp_subid=enbreport&pp_surname=Trainor&pp_name=Sean&pp_email=sean.trainor@amcoservices.co.uk
212.100.228.202302 Found 0 B URL HTTP/1.1 tracking.8-95fe3-wbm.co.uk/track/view.php?wcc=b3cab2004cf68c5a762b86b3b45dc160&wchwci=164716&pp_subid=enbreport&pp_surname=Trainor&pp_name=Sean&pp_email=sean.trainor@amcoservices.co.uk
IP 212.100.228.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track/view.php?wcc=b3cab2004cf68c5a762b86b3b45dc160&wchwci=164716&pp_subid=enbreport&pp_surname=Trainor&pp_name=Sean&pp_email=sean.trainor@amcoservices.co.uk HTTP/1.1
Host: tracking.8-95fe3-wbm.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: https://www.clear-reports.com/track/view.php?wcc=b3cab2004cf68c5a762b86b3b45dc160&wchwci=164716&pp_subid=enbreport&pp_email=sean.trainor%40amcoservices.co.uk
X-Powered-By: PleskLin
cluster1.mailsenpai.com/campaigns/jk26938711cab/track-opening/fe639k4p2q18f
65.109.21.248200 OK 0 B URL HTTP/1.1 cluster1.mailsenpai.com/campaigns/jk26938711cab/track-opening/fe639k4p2q18f
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /campaigns/jk26938711cab/track-opening/fe639k4p2q18f HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
Cookie: mwsid=3g60v58n3k60hgaje72i4acv54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: application/json
Content-Length: 0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 07 Feb 2023 10:56:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Pragma: no-cache
cluster1.mailsenpai.com/favicon.ico
65.109.21.248200 OK 62 kB URL HTTP/1.1 cluster1.mailsenpai.com/favicon.ico
IP 65.109.21.248:0
ASN #24940 Hetzner Online GmbH
File type MS Windows icon resource - 1 icon, -106x100, 32 bits/pixel\012- data
Hash 06c4e377ea25afcbf74fba38ce69a909
d35cf9611af867157f95091177fbe5b67ea28851
63f68c49bb6d0c5774c0dd2ddf037f4fcce050f7fab6610e2d86f95681c3b948
GET /favicon.ico HTTP/1.1
Host: cluster1.mailsenpai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cluster1.mailsenpai.com/campaigns/jk26938711cab/web-version/fe639k4p2q18f
Cookie: mwsid=3g60v58n3k60hgaje72i4acv54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: image/x-icon
Content-Length: 62062
Last-Modified: Tue, 29 Dec 2020 10:28:56 GMT
Connection: keep-alive
ETag: "5feb04e8-f26e"
Expires: Wed, 07 Feb 2024 10:56:01 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a53660c4e8d8f490b0eb3a2c609d4cbe
2001decebc0c0148fd3c179c87fdb24e43ac88ed
bf222c913c8c0364d45dc434633156a2d27074ab637cbfbd7d4eb4a26de98eca
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 14:53:34 GMT
Expires: Sun, 12 Feb 2023 14:53:33 GMT
Etag: "2001decebc0c0148fd3c179c87fdb24e43ac88ed"
Cache-Control: max-age=445651,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795b98bb4c9d0b65-OSL
push.services.mozilla.com/
35.82.48.240101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.48.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nN/l+HKnM7ZMsudgaoZiWQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qI9y55gZCUhi+/289jaw7A3ChhM=
www.clear-reports.com/track/view.php?wcc=b3cab2004cf68c5a762b86b3b45dc160&wchwci=164716&pp_subid=enbreport&pp_email=sean.trainor%40amcoservices.co.uk
212.100.228.202200 OK 0 B URL HTTP/1.1 www.clear-reports.com/track/view.php?wcc=b3cab2004cf68c5a762b86b3b45dc160&wchwci=164716&pp_subid=enbreport&pp_email=sean.trainor%40amcoservices.co.uk
IP 212.100.228.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track/view.php?wcc=b3cab2004cf68c5a762b86b3b45dc160&wchwci=164716&pp_subid=enbreport&pp_email=sean.trainor%40amcoservices.co.uk HTTP/1.1
Host: www.clear-reports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 10:56:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=dskjteicjvgapea5q8qagmv0a5; path=/
cr_kpiu_w_12836_43610907217660dd58b1220e2ad45b03=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT
cr_kpi_wc_152257_uv=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT
cr_kpi_wc_152257_uc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT
cr_kpiu_w_12836_43610907217660dd58b1220e2ad45b03=152257-1-0-0; expires=Mon, 08-May-2023 10:56:01 GMT; path=/
cr_kpiu_w_12836_43610907217660dd58b1220e2ad45b03_new=152257-1-0-0; Expires=Mon, 08 May 2023 10:56:01 10MayGMT; Path=/; SameSite=None; Secure
cr_kpih_w_12836_43610907217660dd58b1220e2ad45b03=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT
cr_kpih_w_12836_43610907217660dd58b1220e2ad45b03=v-1170910925; expires=Mon, 08-May-2023 10:56:01 GMT; path=/
cr_kpih_w_12836_43610907217660dd58b1220e2ad45b03_new=v-1170910925; Expires=Mon, 08 May 2023 10:56:01 10MayGMT; Path=/; SameSite=None; Secure
P3P: CP="NON DSP COR CUR PSA PSD IVA IVD HIS OUR IND NAV COM"
X-Powered-By: PleskLin
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8621
Expires: Tue, 07 Feb 2023 13:19:44 GMT
Date: Tue, 07 Feb 2023 10:56:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8621
Expires: Tue, 07 Feb 2023 13:19:44 GMT
Date: Tue, 07 Feb 2023 10:56:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8621
Expires: Tue, 07 Feb 2023 13:19:44 GMT
Date: Tue, 07 Feb 2023 10:56:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8328b9-b592-4c76-9101-54f0b2e220d0.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8328b9-b592-4c76-9101-54f0b2e220d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 284a62b098827c448218892eb5a732f9
6679d1ff8f2986b6103e94a54632892e2280b149
17332bece792a4e8d571b5161145ef2105abc513e140c738885899401b9c8d14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8328b9-b592-4c76-9101-54f0b2e220d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14943
x-amzn-requestid: 1145ff12-5237-426c-8efc-c25c1061bcce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2GpMFTEIAMFxgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df1e3a-528eb972059e86c33334fedd;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 03:10:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: l4_Oe4gR-lLAFdTXTUvw2TCtg5D6X2P1ELocQ53QHK9s3vj30oacAA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 04:02:48 GMT
age: 24795
etag: "6679d1ff8f2986b6103e94a54632892e2280b149"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3482c5eb-0e83-4722-a14e-ee2eefae5e03.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3482c5eb-0e83-4722-a14e-ee2eefae5e03.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5eb98d203ce09cf8d1964decb2e44058
004d35f6af8f06b453a4c047e202fddbd410aaf4
80232fe0b4ce7393653076fc39d2d315274e8c17f76a4f754576f4a8a1b3baef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3482c5eb-0e83-4722-a14e-ee2eefae5e03.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6779
x-amzn-requestid: e2a59d9f-577d-4071-8d40-80e54051fc18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVx6FjwoAMFyNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033f-1fcd55e1413543440d46307c;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FZJQ69FF1iyOoekLlK7Vj_Lmyl26qhKWmzXUvMeoob54yr8K_YFRhA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 10:10:06 GMT
age: 2757
etag: "004d35f6af8f06b453a4c047e202fddbd410aaf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4dd67c975f1c1f91ca92f37c9e098231
b9096efb56b6e196b13722e767a9d2762737cbb9
39f21e5db4089d6cf94646b76cd9032e9831ed03f7c2f0d980fac09c893a52db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8110
x-amzn-requestid: fdfa4af0-a6e4-4664-a86b-48fd6f374d96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77JCFyzoAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17239-205cdd9d70f23cb358c65222;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zHo_IPM2j3t4prd4ZuLR7c-GPrWHxSxqSUprBxrT9n_DG8ySpkpb8g==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:46:30 GMT
age: 47373
etag: "b9096efb56b6e196b13722e767a9d2762737cbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b0935816ca54d5d20a9fffa5531e0d
bd8374980c16b7d5a28e55b8bef2215713b1ebb2
4ab6f49d22d029681754b617001f93467d63035acdaf12905c2314cab77991af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13390
x-amzn-requestid: 0664e077-13a4-4a97-afc2-3969cee56958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2pu6Fb7oAMF_0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df565f-057ee8fa26aa83d21f875d73;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 07:10:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cAwOWu-_JYTMa0l-1A07FxgOGtG7P59D7XlovXByRA9dQxfsS2An7w==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 18:44:40 GMT
age: 58283
etag: "bd8374980c16b7d5a28e55b8bef2215713b1ebb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwSN-ztVJgRfu3bFIjYaVYV8Cnx77j1ugkRjqhRtRXdPju7AhEMg-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:15:46 GMT
age: 13217
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eedb4de12585c70ddb5b8f94fe6a59e2
83c9437e71a0a03b3e8ff652155a85eafa76cdda
d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V_4NzIAVBOZMjf_YIM3bowFdlP1y4peI5JI-jO105s3NVjmyYnC0Tg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:48:48 GMT
age: 47235
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2