bs.serving-sys.com/Serving/adServer.bs?cn=brd&PluID=0&Pos=4092340412871223&EyeblasterID=1086486580&clk=1&ctick=17371&rtu=https://mynetid23.web.app/gF4z0h3ffrF4zAB12ABCDEFGHIJKLMNOPQnW1&c=%22&data=05|01robert.james20212@gmail.com|e62088b99d8f4379154b08dadeb2ab07|fb6AB12ABCDEFGHIJKLMNOPQ47e98204|0|0|638067156257244942|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|3000|||&sdata=hRQPI1yXr2C6cByJy/6KU9hZcmvJqGvYoJukRzb1R2s=&reserved=0
54.93.154.7301 Moved Permanently 134 B URL HTTP/1.1 bs.serving-sys.com/Serving/adServer.bs?cn=brd&PluID=0&Pos=4092340412871223&EyeblasterID=1086486580&clk=1&ctick=17371&rtu=https://mynetid23.web.app/gF4z0h3ffrF4zAB12ABCDEFGHIJKLMNOPQnW1&c=%22&data=05|01robert.james20212@gmail.com|e62088b99d8f4379154b08dadeb2ab07|fb6AB12ABCDEFGHIJKLMNOPQ47e98204|0|0|638067156257244942|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|3000|||&sdata=hRQPI1yXr2C6cByJy/6KU9hZcmvJqGvYoJukRzb1R2s=&reserved=0
IP 54.93.154.7:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /Serving/adServer.bs?cn=brd&PluID=0&Pos=4092340412871223&EyeblasterID=1086486580&clk=1&ctick=17371&rtu=https://mynetid23.web.app/gF4z0h3ffrF4zAB12ABCDEFGHIJKLMNOPQnW1&c=%22&data=05|01robert.james20212@gmail.com|e62088b99d8f4379154b08dadeb2ab07|fb6AB12ABCDEFGHIJKLMNOPQ47e98204|0|0|638067156257244942|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|3000|||&sdata=hRQPI1yXr2C6cByJy/6KU9hZcmvJqGvYoJukRzb1R2s=&reserved=0 HTTP/1.1
Host: bs.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Thu, 15 Dec 2022 23:47:40 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://bs.serving-sys.com:443/Serving/adServer.bs?cn=brd&PluID=0&Pos=4092340412871223&EyeblasterID=1086486580&clk=1&ctick=17371&rtu=https://mynetid23.web.app/gF4z0h3ffrF4zAB12ABCDEFGHIJKLMNOPQnW1&c=%22&data=05|01robert.james20212@gmail.com|e62088b99d8f4379154b08dadeb2ab07|fb6AB12ABCDEFGHIJKLMNOPQ47e98204|0|0|638067156257244942|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|3000|||&sdata=hRQPI1yXr2C6cByJy/6KU9hZcmvJqGvYoJukRzb1R2s=&reserved=0
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4a5e9bc8b7891ac5f4552c29bcbaedb0
39735081eeb64eae477c61c1147daeb68fb37b22
c465efaf205ff2992af02c16187ca14a658cd5335b892903374f3adab32a8cd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C465EFAF205FF2992AF02C16187CA14A658CD5335B892903374F3ADAB32A8CD9"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8831
Expires: Fri, 16 Dec 2022 02:14:51 GMT
Date: Thu, 15 Dec 2022 23:47:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 96367f956a4177aec7e7e80221539d58
8dcad10fde96c139d1ef212388cb6755fe3fe077
f4f9bdb5180359dfd734cef1e6f1b54bc9d8f72cae557366eb74f22100b94dc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4F9BDB5180359DFD734CEF1E6F1B54BC9D8F72CAE557366EB74F22100B94DC4"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3301
Expires: Fri, 16 Dec 2022 00:42:41 GMT
Date: Thu, 15 Dec 2022 23:47:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 15 Dec 2022 23:45:06 GMT
content-type: application/json
age: 154
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5b38399fcc8246505e5e6b0f62803a5a
bb374f8d97b2bd798873d74c6bbab20ad6843e96
406ab3af8adf2b151c052a06c0379fd8d83d3362e90c17ac2e5481b6b9a7441f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "406AB3AF8ADF2B151C052A06C0379FD8D83D3362E90C17AC2E5481B6B9A7441F"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10685
Expires: Fri, 16 Dec 2022 02:45:45 GMT
Date: Thu, 15 Dec 2022 23:47:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LZsePrMO8Br2o6RLOiqkdXwZ2LS0k7HdiQcNVAdLMvvPbJIxebP2tbR5QpQZTwjTyZGp9NEtIMrw0hK8NHOZdw==
x-amz-request-id: 2AEBJSFHHE1C2GMS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 15 Dec 2022 22:51:05 GMT
age: 3395
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 23:47:40 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 62a48f6755a22490d975927ccad10012
39f067f0ace82e02bc07e0db0ba1a31446719522
0444e9b45641bd1a29988c2c8156ea1c3056a1abd810deec789c37d2b417352a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117053
Date: Thu, 15 Dec 2022 23:47:40 GMT
Etag: "639ac1dd-1d7"
Expires: Sat, 17 Dec 2022 08:18:33 GMT
Last-Modified: Thu, 15 Dec 2022 06:42:37 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5PsT4NwnHRt5_fjrRqLlJSkufCRE-G6uIh6IXYlwPLKA4W5iPqAKcg==
Age: 5756
bs.serving-sys.com/Serving/adServer.bs?cn=brd&PluID=0&Pos=4092340412871223&EyeblasterID=1086486580&clk=1&ctick=17371&rtu=https://mynetid23.web.app/gF4z0h3ffrF4zAB12ABCDEFGHIJKLMNOPQnW1&c=%22&data=05|01robert.james20212@gmail.com|e62088b99d8f4379154b08dadeb2ab07|fb6AB12ABCDEFGHIJKLMNOPQ47e98204|0|0|638067156257244942|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|3000|||&sdata=hRQPI1yXr2C6cByJy/6KU9hZcmvJqGvYoJukRzb1R2s=&reserved=0
52.57.127.251302 Found 186 B URL HTTP/2 bs.serving-sys.com/Serving/adServer.bs?cn=brd&PluID=0&Pos=4092340412871223&EyeblasterID=1086486580&clk=1&ctick=17371&rtu=https://mynetid23.web.app/gF4z0h3ffrF4zAB12ABCDEFGHIJKLMNOPQnW1&c=%22&data=05|01robert.james20212@gmail.com|e62088b99d8f4379154b08dadeb2ab07|fb6AB12ABCDEFGHIJKLMNOPQ47e98204|0|0|638067156257244942|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|3000|||&sdata=hRQPI1yXr2C6cByJy/6KU9hZcmvJqGvYoJukRzb1R2s=&reserved=0
IP 52.57.127.251:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 0dd950a2c24b8ab667fd32373cd0a75b
cb909b930bc369113214cc3bf009ab730986e1b0
f9c8adc5326c34f83cfc7b3af5c718183df790096203d54fe51a1136d798d102
GET /Serving/adServer.bs?cn=brd&PluID=0&Pos=4092340412871223&EyeblasterID=1086486580&clk=1&ctick=17371&rtu=https://mynetid23.web.app/gF4z0h3ffrF4zAB12ABCDEFGHIJKLMNOPQnW1&c=%22&data=05|01robert.james20212@gmail.com|e62088b99d8f4379154b08dadeb2ab07|fb6AB12ABCDEFGHIJKLMNOPQ47e98204|0|0|638067156257244942|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|3000|||&sdata=hRQPI1yXr2C6cByJy/6KU9hZcmvJqGvYoJukRzb1R2s=&reserved=0 HTTP/1.1
Host: bs.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 15 Dec 2022 23:47:40 GMT
content-type: text/html; charset=UTF-8
content-length: 186
location: https://mynetid23.web.app/gF4z0h3ffrF4zAB12ABCDEFGHIJKLMNOPQnW1
cache-control: no-cache, no-store
pragma: no-cache
expires: Sun, 05-Jun-2005 22:00:00 GMT
server: Microsoft-IIS/10.0
set-cookie: S_1077704892=9028595261757009466; expires=Sat, 17-Dec-2022 11:47:00 GMT; SameSite=None; Secure
r1=1671148060_1; SameSite=None; Secure
eyeblaster=; expires=Mon, 01-Jan-2000 00:00:00 GMT; domain=.serving-sys.com; path=/; SameSite=None; Secure
u2=32f1a18d-04b0-4471-8171-a789edc932924Kd060; expires=Wed, 15-Mar-2023 23:47:00 GMT; domain=.serving-sys.com; path=/; SameSite=None; Secure
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 15 Dec 2022 23:08:00 GMT
age: 2381
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
mynetid23.web.app/gF4z0h3ffrF4zAB12ABCDEFGHIJKLMNOPQnW1
199.36.158.100404 Not Found 9.1 kB URL HTTP/2 mynetid23.web.app/gF4z0h3ffrF4zAB12ABCDEFGHIJKLMNOPQnW1
IP 199.36.158.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1101)
Hash 48c12881ea6af898c22115d4785c7dc8
86096bc6e4b5d7a62d76bb0d0d0a0894a037e152
6e142af392d96e5dd2bf3560b6f3b2eed3daea8de3f521a77061209eabbbd12a
Analyzer Verdict Alert fortinet Phishing
GET /gF4z0h3ffrF4zAB12ABCDEFGHIJKLMNOPQnW1 HTTP/1.1
Host: mynetid23.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: "6e142af392d96e5dd2bf3560b6f3b2eed3daea8de3f521a77061209eabbbd12a"
last-modified: Thu, 15 Dec 2022 12:04:48 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Thu, 15 Dec 2022 23:47:41 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1671148061.984945,VS0,VE167
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9123
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4int/8EklPeV1cd0
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4int/8EklPeV1cd0
IP 142.250.74.131:0
Hash a9bfe5ab1c59709ab1d917c620dcd5ec
f24984bfe17e9fca22bd4ab5400c70c9fca6d9b4
9241a0ba8b9e4e868de9119bd7d13c7d22ce69f605d938d0a079120398c1b060
POST /s/gts1d4int/8EklPeV1cd0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:47:41 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js
152.199.23.37200 OK 5.4 kB URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js
IP 152.199.23.37:0
File type ASCII text, with very long lines (14442)
Hash fa5651ac32c6a7c1a9fe1511c36697c9
192e13ecd4892c62f4c01deb684759620812d152
dd4ea852b98a6e5085f81a4b34914684c0d700180c1bbeec08e37bc953ea22ed
GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynetid23.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 16690766
cache-control: public, max-age=31536000
content-md5: +lZRrDLGp8Gp/hURw2aXyQ==
content-type: application/x-javascript
date: Thu, 15 Dec 2022 23:47:41 GMT
etag: 0x8D99FD65BAB30A3
last-modified: Thu, 04 Nov 2021 21:02:05 GMT
server: ECAcc (ska/F7BE)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: d636d6ac-c01e-000a-7c12-79f4c7000000
x-ms-version: 2009-09-19
content-length: 5386
X-Firefox-Spdy: h2
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
152.199.23.37200 OK 13 kB URL HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
IP 152.199.23.37:0
File type Unicode text, UTF-8 text, with very long lines (32002)
Hash 1986d215d2c4f176fda42cd283b709e8
84d1de151fdccfc0d79291df554d284f79797f9a
19ea4555f2964e2375d07b1fd46e7e655ca5acbea84ade244bbe415ba9c4f416
GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynetid23.web.app
Connection: keep-alive
Referer: https://mynetid23.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 4489581
cache-control: public, max-age=31536000
content-md5: GYbSFdLE8Xb9pCzSg7cJ6A==
content-type: application/x-javascript
date: Thu, 15 Dec 2022 23:47:41 GMT
etag: 0x8D992B5E417004E
last-modified: Tue, 19 Oct 2021 04:06:56 GMT
server: ECAcc (ska/F73C)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 503482f5-501e-0089-330a-e8ffe2000000
x-ms-version: 2009-09-19
content-length: 12608
X-Firefox-Spdy: h2
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
152.199.23.37200 OK 20 kB URL HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
IP 152.199.23.37:0
File type ASCII text, with very long lines (61177)
Hash d0ed87f63b8660bd339337185abd0d22
eab58f2ada552aaaa64115714a53911b808e9960
7de61e0e2dc500867def43564fd1e74e44e81659d37017f4a2805de625b0ec0d
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynetid23.web.app
Connection: keep-alive
Referer: https://mynetid23.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 6332793
cache-control: public, max-age=31536000
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
content-type: text/css
date: Thu, 15 Dec 2022 23:47:41 GMT
etag: 0x8D982C8F03AF4D4
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (ska/F769)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c56d37c1-b01e-0053-3746-d76e6f000000
x-ms-version: 2009-09-19
content-length: 19877
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/js/oneDs_472fa3a12b65cf387ccd.js
152.199.23.37200 OK 26 kB URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/js/oneDs_472fa3a12b65cf387ccd.js
IP 152.199.23.37:0
File type ASCII text, with very long lines (49529)
Hash c4099527852bb570136a02c3d2d0d7a1
b07b674fb73ddddc9bff08b48b6b147505cb2965
a3c764080babe34837f4141640fa646aa98a6963a2dcf0abfb482b6007c9fa5b
GET /shared/1.0/content/js/oneDs_472fa3a12b65cf387ccd.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynetid23.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 4517328
cache-control: public, max-age=31536000
content-md5: xAmVJ4UrtXATagLD0tDXoQ==
content-type: application/x-javascript
date: Thu, 15 Dec 2022 23:47:41 GMT
etag: 0x8D9942E72241B02
last-modified: Thu, 21 Oct 2021 01:02:25 GMT
server: ECAcc (ska/F6E6)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: f8241864-001e-000b-50c9-e70aca000000
x-ms-version: 2009-09-19
content-length: 26117
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b9f0adeb27a19629aeff6f34de67f3ad
3876d1b871d7da6d18de23c2edb301eb30728066
c5744a90c8f66629aa2331465a32afe0d430b36d16fd98bc821e370f1b24463c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6302
Cache-Control: max-age=126261
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:47:41 GMT
Etag: "639ae3b4-1d7"
Expires: Sat, 17 Dec 2022 10:52:02 GMT
Last-Modified: Thu, 15 Dec 2022 09:07:00 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js
152.199.23.37200 OK 129 kB URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js
IP 152.199.23.37:0
File type ASCII text, with very long lines (64616)
Size 129 kB (128665 bytes)
Hash 7be184a40ad9221f627469d648e8f4ce
291d54948a4d69bea0b289648879dbcf7cd2ac9f
8dc9a8ee1ce80dc85a6715e5e6188d781ec6375aa067ba1310637b24d483b7b7
GET /shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynetid23.web.app
Connection: keep-alive
Referer: https://mynetid23.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 3303853
cache-control: public, max-age=31536000
content-md5: e+GEpArZIh9idGnWSOj0zg==
content-type: application/x-javascript
date: Thu, 15 Dec 2022 23:47:41 GMT
etag: 0x8D99FD6608B3F3E
last-modified: Thu, 04 Nov 2021 21:02:14 GMT
server: ECAcc (ska/F7A6)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: ee0683d1-f01e-0014-0cd3-f28a01000000
x-ms-version: 2009-09-19
content-length: 128665
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
152.199.23.37200 OK 673 B URL HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
IP 152.199.23.37:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1864), with no line terminators
Hash 0e176276362b94279a4492511bfcbd98
389fe6b51f62254bb98939896b8c89ebeffe2a02
9a2c174ae45cac057822844211156a5ed293e65c5f69e1d211a7206472c5c80c
GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynetid23.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 10449505
cache-control: public, max-age=31536000
content-md5: DhdidjYrlCeaRJJRG/y9mA==
content-type: image/svg+xml
date: Thu, 15 Dec 2022 23:47:41 GMT
etag: 0x8D7B007297AE131
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: ECAcc (ska/F795)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 82e0eb20-701e-0011-72d5-b19fa0000000
x-ms-version: 2009-09-19
content-length: 673
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.186.209.73101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jOHk6TNhGMAW3vuJoHQNZg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rmMM2v8GRgqmtd0FnsXzO566Nqw=
aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
13.107.213.53200 OK 17 kB URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynetid23.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 17174
content-type: image/x-icon
content-md5: EuPayFgGHQiAI7K9SOL6lg==
last-modified: Sun, 18 Oct 2020 03:02:03 GMT
etag: 0x8D8731230C851A6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 626edff6-901e-007a-0c3c-0fcb66000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 02wSZYwAAAABjAOqsTR6jSIjhOQbHMJ43QU1TMDRFREdFMTgxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0HbKbYwAAAAC5utO3cyImRaR/Xt1EtOaAU1ZHMjBFREdFMDUxMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Thu, 15 Dec 2022 23:47:41 GMT
X-Firefox-Spdy: h2
login.live.com/Me.htm?v=3
20.190.159.3200 OK 1.1 kB URL HTTP/1.1 login.live.com/Me.htm?v=3
IP 20.190.159.3:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (2345), with CRLF line terminators
Hash 9c08f0f5b411918572bb176b56d4b747
12814f1ffd1c414337cfc57da7561f4386ec8b67
d9f196403747ff4bbf6c3d61c7319f51e33be05825ac3b5200665e6e5ee26c0e
GET /Me.htm?v=3 HTTP/1.1
Host: login.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynetid23.web.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=315360000
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 12 Dec 2032 23:47:41 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: f4dc5918-c2c3-4881-b575-95a95ed7eea2
PPServer: PPV: 30 H: BL6PPF46E8EF781 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=763e848f63a642b3b8f12ffc64c61116; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPRequ=id=N<=1671148062&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Thu, 15 Dec 2022 23:47:41 GMT
Content-Length: 1132
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13295
Expires: Fri, 16 Dec 2022 03:29:17 GMT
Date: Thu, 15 Dec 2022 23:47:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13295
Expires: Fri, 16 Dec 2022 03:29:17 GMT
Date: Thu, 15 Dec 2022 23:47:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13295
Expires: Fri, 16 Dec 2022 03:29:17 GMT
Date: Thu, 15 Dec 2022 23:47:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d9d95001bfc942895a41fb4bbd50c56
67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9
042c3809a802ef44ff6de8a270194cdf69cc3ba9d8f5192110dda7829d2d52d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5710
x-amzn-requestid: 9e587daa-7632-4765-a8c5-6cea13058bac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQJEp6IAMF1Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-63c04fa4691c32f914301a3d;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VKiSckNu6PytSQ7EIpATluVcfUOgFKEGId4nCg2sGcbl6Bqbt2-wRg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 21:50:30 GMT
age: 7032
etag: "67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00f5a5bd-1394-4dc7-9558-bf36502f5a45.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00f5a5bd-1394-4dc7-9558-bf36502f5a45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91773f7aa7f55783662d3714ec66d03a
217708c5ac8003d7d0f90200744da4ca07a1506c
2ced817da5c13aad9059c98b4ddb29a13ecb2cb4ee118298b1c9b42ed6bca0de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00f5a5bd-1394-4dc7-9558-bf36502f5a45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12942
x-amzn-requestid: c24b370e-1b90-4a84-9cd8-ddf93dbfa165
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQ7gEwUoAMF05g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9516-429915140a9ffcc272a2620d;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:43:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KJ5QVcjO9r17UagPqlKXFHnmR0TRCHyUvHnd2B34wg8AwMbj7NEdVQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:09:53 GMT
age: 5869
etag: "217708c5ac8003d7d0f90200744da4ca07a1506c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44d28b3d-7927-4346-840a-8cfc2e3ea292.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44d28b3d-7927-4346-840a-8cfc2e3ea292.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30739a2896ba00103578a7cd3589767c
b8da5c239832fc19c22722c23412adac1ef200ec
b406a1135ac6a56d3b7e3ba1f9adeb1a69d56e7a070f30e1dd20fea4ebedf3a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44d28b3d-7927-4346-840a-8cfc2e3ea292.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5424
x-amzn-requestid: e579538e-8990-425d-a635-ede55d60ed50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNSvBETaoAMFyKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b97f9-3560628d3673feb33f4b958e;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:56:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CjP6MuggD8GZZTJUICeoKXHsb5qopw53uqsKfb6drH5nHj4gL1CptQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:15:00 GMT
age: 5562
etag: "b8da5c239832fc19c22722c23412adac1ef200ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15091f4c-2105-4edd-b96f-b5940e3ba64a.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15091f4c-2105-4edd-b96f-b5940e3ba64a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6687764dac3b78ac0875863d82d1c43
cf0b4f1a944611c48d6880fad9e6e8f59f4ede85
891d55811df9c641d6661226a40eaed5ca69478d13037c6d36d4b05e66cbd09a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15091f4c-2105-4edd-b96f-b5940e3ba64a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7626
x-amzn-requestid: c645ee0a-505b-4d4c-92d9-97e6478a6f6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRNQHhsoAMFR1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9587-6d1dbf0f75a3eb86447ea1ed;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4BE_glis7gAiH9xE17A0HdWY7u2IfQB6DxMRwHYQXbVelLXH4JrKPQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:09:59 GMT
age: 5863
etag: "cf0b4f1a944611c48d6880fad9e6e8f59f4ede85"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d782d01-6608-4338-b97b-e67de1b79501.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d782d01-6608-4338-b97b-e67de1b79501.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61f4298f623f1d3736e5a4e34d42cb29
d183592b6efcd90bc1b10b11641999e82b30b813
3f69949de6c2328a1cb564d90338220812b05b50acafd02051619a0777b90a57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d782d01-6608-4338-b97b-e67de1b79501.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11517
x-amzn-requestid: 0a7dcdfb-d929-402d-9c1b-3fb369ae56d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRJJELFIAMFRVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b956d-2a8feedd7c51991c1fb9676c;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bfTeGDInC1kr-T9TbxxhYeym2_TeJp734xXUh87QOybYDZFgROncQw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:19:32 GMT
age: 5290
etag: "d183592b6efcd90bc1b10b11641999e82b30b813"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5de62f4-2e0a-4c45-87fd-f9690df72d83.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5de62f4-2e0a-4c45-87fd-f9690df72d83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7368b60db0458b59ffc968f09b85fdd5
f359f9799d0f0dc7dccfbadeaf922b4050a5e692
26aa7f684080dace9064fc7973c6a5761985c69e73373fb24c644ab2efe26c54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5de62f4-2e0a-4c45-87fd-f9690df72d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12482
x-amzn-requestid: edd7e693-4c4a-4203-8b12-c044825947bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRJvGAUIAMF1gA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9571-151a50943b420ba86ab61dda;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s2ITT38OGjs_LjIKFKnrqzT0Oay3veQw3iPUL8b3tdD1yOhIzwvu4g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:17:09 GMT
age: 5433
etag: "f359f9799d0f0dc7dccfbadeaf922b4050a5e692"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vancechurch.org/wp-links.php?url=https://mynetid23.web.app/gF4z0h3ffrF4zAB12ABCDEFGHIJKLMNOPQnW1
162.144.205.136302 Found 0 B URL HTTP/1.1 vancechurch.org/wp-links.php?url=https://mynetid23.web.app/gF4z0h3ffrF4zAB12ABCDEFGHIJKLMNOPQnW1
IP 162.144.205.136:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-links.php?url=https://mynetid23.web.app/gF4z0h3ffrF4zAB12ABCDEFGHIJKLMNOPQnW1 HTTP/1.1
Host: vancechurch.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynetid23.web.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 15 Dec 2022 23:53:41 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Location: https://accounts.wj-asys.com/?username=geoffreab12abcdefghijklmnopqm#/docusign/oauth/authorize?client_id=0.33533606088503-0ff1-0.89868064266568&auth=10.61506769415693-0.75010731758089
Cache-Control: max-age=2592000
Expires: Sat, 14 Jan 2023 23:53:41 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 28a090208c066aa60a18785d02aa7b0d
e3daf7e802ab8f11fb12187b3eb9bb7951660795
a5703b0ab38e75be5eaadadef6d7c682a9a94a39179ac05d45410c690af736b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A5703B0AB38E75BE5EAADADEF6D7C682A9A94A39179AC05D45410C690AF736B9"
Last-Modified: Thu, 15 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20733
Expires: Fri, 16 Dec 2022 05:33:16 GMT
Date: Thu, 15 Dec 2022 23:47:43 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 68214328be63f2238f90aa3cad5958a3
d814ab1cbb5ccbbefab5c0e399908d345eba8611
a3e71942b572ae491b6bca8782e977222865b5e047513c063e2f42a55391db77
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1310
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:47:43 GMT
Last-Modified: Thu, 15 Dec 2022 23:25:53 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f892381487b614151b6ab63950838dcd
a7d09daba566b998d54177254a90c6108fefa358
3ae1d224ffc65707d1e8ff0bc1531a0825ee9571aa8bc0697010fe04ef911387
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=160992
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:47:44 GMT
Etag: "639b8400-1d7"
Expires: Sat, 17 Dec 2022 20:30:56 GMT
Last-Modified: Thu, 15 Dec 2022 20:30:56 GMT
Server: nginx
Content-Length: 471
accounts.wj-asys.com/?username=geoffreab12abcdefghijklmnopqm
31.172.83.62302 Found 210 B URL HTTP/2 accounts.wj-asys.com/?username=geoffreab12abcdefghijklmnopqm
IP 31.172.83.62:0
ASN #44066 diva-e Datacenters GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 40d6a029029868df908f70ebc544f030
404b334324537cbd74fbae8755d9ecde6d2ad159
2cd57c86d9d6ef85c6f84c59a596dbe69a260e9073ed3530c97a808352ea4b78
Analyzer Verdict Alert fortinet Phishing
GET /?username=geoffreab12abcdefghijklmnopqm HTTP/1.1
Host: accounts.wj-asys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mynetid23.web.app/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 15 Dec 2022 23:47:43 GMT
content-type: text/html; charset=utf-8
location: https://www.docusign.net/Member/EmailStart.aspx?m=c220ef5d-cb80-41ed-b0ab-3120c5e203c2&dl=1
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.docusign.net/Member/EmailStart.aspx?m=c220ef5d-cb80-41ed-b0ab-3120c5e203c2&dl=1&cookiecheck=1
162.248.184.27302 Found 818 B URL HTTP/1.1 www.docusign.net/Member/EmailStart.aspx?m=c220ef5d-cb80-41ed-b0ab-3120c5e203c2&dl=1&cookiecheck=1
IP 162.248.184.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (746), with CRLF line terminators
Hash 12b7b99ff914d3e9d612068e123c32dd
7bcc9179c91dd7eaef1a794228d6cd11a1525cca
39cc83d5d9d512d0b472e9b14a146f5f7a98f2054fbbc88fd31ddef3b39846be
GET /Member/EmailStart.aspx?m=c220ef5d-cb80-41ed-b0ab-3120c5e203c2&dl=1&cookiecheck=1 HTTP/1.1
Host: www.docusign.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mynetid23.web.app/
Connection: keep-alive
Cookie: pvm=SE5FE49_8811; ASP.NET_SessionId=aalb4uwjuuwv5b2xzejdxs33; __AntiXsrfMemberToken=0718a66a3472416fb9c0e3916ee2abe1; DocuSignCookieCheck=1; BIGipDocuSign_NA1=!49xG/49Nr1e/p/20bOlB09wl7Vsgf2Uj5tVWMypelIZG4h9T0yagsRxXjdOM3GYRcpEtQ3uILFmQaQ==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://account.docusign.com/oauth/auth?response_type=code&client_id=7DB10974-03A2-49EE-9EB5-D0FA71C8E885&redirect_uri=https%3A%2F%2Fwww.docusign.net%2Fmember%2FAccountServerCallback.aspx&state=eyJFbnZlbG9wZUlkIjoiYzIyMGVmNWQtY2I4MC00MWVkLWIwYWItMzEyMGM1ZTIwM2MyIiwiUmVjaXBpZW50SWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJIYXNoIjoiNDI1QzVDQUI3MDRFQkE2OTlCMUM3REU2ODc4NTExQ0FGOUE2MDQ2QkMzRkVFMzVCN0EzMjQxNTZGMThFQ0Q4QyIsIkNsaWVudElkIjoiN0RCMTA5NzQtMDNBMi00OUVFLTlFQjUtRDBGQTcxQzhFODg1IiwiVHJhbnNhY3Rpb25JZCI6IiIsIkNvcnJlbGF0aW9uVG9rZW4iOiIwZTE1YWYwNy0yZjdjLTQ1MGMtODE1Ni1iYTdiNTdjNmI5NzEiLCJTaWduaW5nUGF0aFBhcnRVcmwiOiIifQ%3D%3D&login_hint&ui_locales=en&trap=true
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Set-Cookie: pvm=SE5FE49_8811; path=/; secure; HttpOnly; SameSite=None
MemberConsoleMobile=; path=/; secure; HttpOnly; SameSite=None
Branding=DistributorCode=DocuSign&ProductName=DocuSign; expires=Mon, 01-Jan-2024 08:00:00 GMT; path=/; secure; HttpOnly; SameSite=None
ssoEnvelope=c220ef5d-cb80-41ed-b0ab-3120c5e203c2; expires=Thu, 15-Dec-2022 23:57:44 GMT; path=/; secure; HttpOnly; SameSite=None
acctLogin=True; expires=Fri, 15-Dec-2023 23:47:44 GMT; path=/; secure; HttpOnly; SameSite=None
BIGipDocuSign_NA1=!0sFZZkln5uOQHnq0bOlB09wl7Vsgf7FpW44E6b46ClNN75OWANihhjg4TlSL9Qh3oyIBh70/4+Ri2g==; path=/; Httponly; Secure; Samesite=None
X-DocuSign-Node: SE5FE49
Date: Thu, 15 Dec 2022 23:47:44 GMT
Content-Length: 818
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 68214328be63f2238f90aa3cad5958a3
d814ab1cbb5ccbbefab5c0e399908d345eba8611
a3e71942b572ae491b6bca8782e977222865b5e047513c063e2f42a55391db77
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1311
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:47:44 GMT
Last-Modified: Thu, 15 Dec 2022 23:25:53 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f434674910f46e448bdb5223b39db04b
bd13676c8cb49f678781b4426b9d52f049eb83d5
5502d6e6821efac0e79c14e0ec529a91da561c52fdc2ec12f300f86fb7c3bd63
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4061
Cache-Control: max-age=121875
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:47:44 GMT
Etag: "639adb56-1d7"
Expires: Sat, 17 Dec 2022 09:38:59 GMT
Last-Modified: Thu, 15 Dec 2022 08:31:18 GMT
Server: ECS (amb/6B77)
X-Cache: HIT
Content-Length: 471
account.docusign.com/oauth/auth?response_type=code&client_id=7DB10974-03A2-49EE-9EB5-D0FA71C8E885&redirect_uri=https%3A%2F%2Fwww.docusign.net%2Fmember%2FAccountServerCallback.aspx&state=eyJFbnZlbG9wZUlkIjoiYzIyMGVmNWQtY2I4MC00MWVkLWIwYWItMzEyMGM1ZTIwM2MyIiwiUmVjaXBpZW50SWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJIYXNoIjoiNDI1QzVDQUI3MDRFQkE2OTlCMUM3REU2ODc4NTExQ0FGOUE2MDQ2QkMzRkVFMzVCN0EzMjQxNTZGMThFQ0Q4QyIsIkNsaWVudElkIjoiN0RCMTA5NzQtMDNBMi00OUVFLTlFQjUtRDBGQTcxQzhFODg1IiwiVHJhbnNhY3Rpb25JZCI6IiIsIkNvcnJlbGF0aW9uVG9rZW4iOiIwZTE1YWYwNy0yZjdjLTQ1MGMtODE1Ni1iYTdiNTdjNmI5NzEiLCJTaWduaW5nUGF0aFBhcnRVcmwiOiIifQ%3D%3D&login_hint&ui_locales=en&trap=true
185.81.100.37200 OK 9.3 kB URL HTTP/1.1 account.docusign.com/oauth/auth?response_type=code&client_id=7DB10974-03A2-49EE-9EB5-D0FA71C8E885&redirect_uri=https%3A%2F%2Fwww.docusign.net%2Fmember%2FAccountServerCallback.aspx&state=eyJFbnZlbG9wZUlkIjoiYzIyMGVmNWQtY2I4MC00MWVkLWIwYWItMzEyMGM1ZTIwM2MyIiwiUmVjaXBpZW50SWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJIYXNoIjoiNDI1QzVDQUI3MDRFQkE2OTlCMUM3REU2ODc4NTExQ0FGOUE2MDQ2QkMzRkVFMzVCN0EzMjQxNTZGMThFQ0Q4QyIsIkNsaWVudElkIjoiN0RCMTA5NzQtMDNBMi00OUVFLTlFQjUtRDBGQTcxQzhFODg1IiwiVHJhbnNhY3Rpb25JZCI6IiIsIkNvcnJlbGF0aW9uVG9rZW4iOiIwZTE1YWYwNy0yZjdjLTQ1MGMtODE1Ni1iYTdiNTdjNmI5NzEiLCJTaWduaW5nUGF0aFBhcnRVcmwiOiIifQ%3D%3D&login_hint&ui_locales=en&trap=true
IP 185.81.100.37:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (7136), with CRLF line terminators
Hash eb68ea67547187a8b803fcaf8256aa87
85680eadae8c2fff3397e01537c91a150ad1f9f6
010c43bf3dfd2a5727242a30a29f6d62e52776f7293f5148f1d9aaf4a3a766f3
GET /oauth/auth?response_type=code&client_id=7DB10974-03A2-49EE-9EB5-D0FA71C8E885&redirect_uri=https%3A%2F%2Fwww.docusign.net%2Fmember%2FAccountServerCallback.aspx&state=eyJFbnZlbG9wZUlkIjoiYzIyMGVmNWQtY2I4MC00MWVkLWIwYWItMzEyMGM1ZTIwM2MyIiwiUmVjaXBpZW50SWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJIYXNoIjoiNDI1QzVDQUI3MDRFQkE2OTlCMUM3REU2ODc4NTExQ0FGOUE2MDQ2QkMzRkVFMzVCN0EzMjQxNTZGMThFQ0Q4QyIsIkNsaWVudElkIjoiN0RCMTA5NzQtMDNBMi00OUVFLTlFQjUtRDBGQTcxQzhFODg1IiwiVHJhbnNhY3Rpb25JZCI6IiIsIkNvcnJlbGF0aW9uVG9rZW4iOiIwZTE1YWYwNy0yZjdjLTQ1MGMtODE1Ni1iYTdiNTdjNmI5NzEiLCJTaWduaW5nUGF0aFBhcnRVcmwiOiIifQ%3D%3D&login_hint&ui_locales=en&trap=true HTTP/1.1
Host: account.docusign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mynetid23.web.app/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
X-DocuSign-TraceToken: d4d1dcb3-7610-4ef1-96f2-19526f61126d
X-Frame-Options: SAMEORIGIN
Content-Security-Policy-Report-Only: default-src 'self' https:;script-src 'unsafe-inline' 'self';style-src 'unsafe-inline' 'self';img-src data: https://docucdn-a.akamaihd.net 'self' https://*.docusign.com https://*.docusign.net https://www.docusign.com.au https://www.docusign.co.uk https://www.docusign.ca;font-src 'self' https://* data:;connect-src 'self' data: https://api-js.mixpanel.com https://docucdn-a.akamaihd.net https://telemetry.dev.docusign.net https://telemetry-s.docusign.net https://telemetry-d.docusign.net https://telemetry.docusign.net https://www.docusign.com https://account.docusign.com;object-src 'none';media-src 'none';frame-src 'self' https://docusign.sjv.io; report-uri /client-errors/csp/report
Content-Security-Policy: default-src 'self' https:;script-src 'unsafe-inline' 'self';style-src 'unsafe-inline' 'self';img-src data: https://docucdn-a.akamaihd.net 'self' https://*.docusign.com https://*.docusign.net https://www.docusign.com.au https://www.docusign.co.uk https://www.docusign.ca;font-src 'self' https://* data:;connect-src 'self' data: https://api-js.mixpanel.com https://docucdn-a.akamaihd.net https://telemetry.dev.docusign.net https://telemetry-s.docusign.net https://telemetry-d.docusign.net https://telemetry.docusign.net https://www.docusign.com https://account.docusign.com;object-src 'none';media-src 'none';frame-src 'self' https://docusign.sjv.io; report-uri /client-errors/csp/enforce
X-XSS-Protection: 1; mode=block; report=/client-errors/xss
Set-Cookie: __RequestVerificationToken=AfYnWICX84UcrI-Zgg8XADgB0; path=/; secure; HttpOnly
X-DocuSign-Node: FR1FE21
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer,strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Date: Thu, 15 Dec 2022 23:47:44 GMT
Content-Length: 9263
account.docusign.com/ReactApp/src/vendor/html-domparser.js
185.81.100.37200 OK 1.1 kB URL HTTP/1.1 account.docusign.com/ReactApp/src/vendor/html-domparser.js
IP 185.81.100.37:0
File type ASCII text, with CRLF line terminators
Hash 3df93052c874fab3c7d48b4e25b927a2
d71db5b307735280048c30d2b693b2fdf20d647e
8a062190dacef122be3bdc0411d765f75c1c9ce63cd5a3e51ad53857a1ffebad
GET /ReactApp/src/vendor/html-domparser.js HTTP/1.1
Host: account.docusign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.docusign.com/oauth/auth?response_type=code&client_id=7DB10974-03A2-49EE-9EB5-D0FA71C8E885&redirect_uri=https%3A%2F%2Fwww.docusign.net%2Fmember%2FAccountServerCallback.aspx&state=eyJFbnZlbG9wZUlkIjoiYzIyMGVmNWQtY2I4MC00MWVkLWIwYWItMzEyMGM1ZTIwM2MyIiwiUmVjaXBpZW50SWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJIYXNoIjoiNDI1QzVDQUI3MDRFQkE2OTlCMUM3REU2ODc4NTExQ0FGOUE2MDQ2QkMzRkVFMzVCN0EzMjQxNTZGMThFQ0Q4QyIsIkNsaWVudElkIjoiN0RCMTA5NzQtMDNBMi00OUVFLTlFQjUtRDBGQTcxQzhFODg1IiwiVHJhbnNhY3Rpb25JZCI6IiIsIkNvcnJlbGF0aW9uVG9rZW4iOiIwZTE1YWYwNy0yZjdjLTQ1MGMtODE1Ni1iYTdiNTdjNmI5NzEiLCJTaWduaW5nUGF0aFBhcnRVcmwiOiIifQ%3D%3D&login_hint&ui_locales=en&trap=true
Connection: keep-alive
Cookie: __RequestVerificationToken=AfYnWICX84UcrI-Zgg8XADgB0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/javascript
Expires: Fri, 16 Dec 2022 03:34:56 GMT
Last-Modified: Mon, 21 Nov 2022 17:10:10 GMT
Accept-Ranges: bytes
ETag: "1D8FDCC1C74C500"
X-DocuSign-Node: FR1FE22
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer,strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Date: Thu, 15 Dec 2022 23:47:44 GMT
Content-Length: 1103
account.docusign.com/ReactApp/dist/bundle.js?version=22.4.0.36925
185.81.100.37200 OK 517 kB URL HTTP/1.1 account.docusign.com/ReactApp/dist/bundle.js?version=22.4.0.36925
IP 185.81.100.37:0
File type ASCII text, with very long lines (65472)
Size 517 kB (517118 bytes)
Hash 1829ba8e364d464fd1d4fdbc26359e30
b2229706c9ca74bb6ebd9bd4f6327af8e0e62a7d
8279c69f6e8d8368972d2954775e380a35e5c6bd26982b3e460908319cd5063d
GET /ReactApp/dist/bundle.js?version=22.4.0.36925 HTTP/1.1
Host: account.docusign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.docusign.com/oauth/auth?response_type=code&client_id=7DB10974-03A2-49EE-9EB5-D0FA71C8E885&redirect_uri=https%3A%2F%2Fwww.docusign.net%2Fmember%2FAccountServerCallback.aspx&state=eyJFbnZlbG9wZUlkIjoiYzIyMGVmNWQtY2I4MC00MWVkLWIwYWItMzEyMGM1ZTIwM2MyIiwiUmVjaXBpZW50SWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJIYXNoIjoiNDI1QzVDQUI3MDRFQkE2OTlCMUM3REU2ODc4NTExQ0FGOUE2MDQ2QkMzRkVFMzVCN0EzMjQxNTZGMThFQ0Q4QyIsIkNsaWVudElkIjoiN0RCMTA5NzQtMDNBMi00OUVFLTlFQjUtRDBGQTcxQzhFODg1IiwiVHJhbnNhY3Rpb25JZCI6IiIsIkNvcnJlbGF0aW9uVG9rZW4iOiIwZTE1YWYwNy0yZjdjLTQ1MGMtODE1Ni1iYTdiNTdjNmI5NzEiLCJTaWduaW5nUGF0aFBhcnRVcmwiOiIifQ%3D%3D&login_hint&ui_locales=en&trap=true
Connection: keep-alive
Cookie: __RequestVerificationToken=AfYnWICX84UcrI-Zgg8XADgB0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 21 Nov 2022 17:28:08 GMT
Accept-Ranges: bytes
ETag: "084fe9ecefdd81:0"
Vary: Accept-Encoding
X-DocuSign-Node: FR2FE21
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer,strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Date: Thu, 15 Dec 2022 23:47:44 GMT
Content-Length: 517118
docucdn-a.akamaihd.net/olive/fonts/2.8.0/HelveticaNeueW01-55Roma.woff
95.101.10.42200 OK 48 kB URL HTTP/2 docucdn-a.akamaihd.net/olive/fonts/2.8.0/HelveticaNeueW01-55Roma.woff
IP 95.101.10.42:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format, TrueType, length 47748, version 1.0\012- data
Hash 4a573fac9111d6adcb3994983539bd75
69bebefe9edeac85cc27516dbe0ea176c1c2c25c
dac5803d6cbe40244dfd39661406239f83e94e86c976e7229a4e35305a9b5efe
GET /olive/fonts/2.8.0/HelveticaNeueW01-55Roma.woff HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://account.docusign.com/
Origin: https://account.docusign.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: AkamaiGHost
mime-version: 1.0
unused62: 8096267
accept-ranges: bytes
content-type: font/woff
etag: "4a573fac9111d6adcb3994983539bd75:1603842490.434411"
last-modified: Tue, 27 Oct 2020 20:30:25 GMT
content-length: 47748
cache-control: max-age=3628800
date: Thu, 15 Dec 2022 23:47:45 GMT
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
docucdn-a.akamaihd.net/olive/fonts/2.8.0/HelveticaNeueW01-75Bold.woff
95.101.10.42200 OK 38 kB URL HTTP/2 docucdn-a.akamaihd.net/olive/fonts/2.8.0/HelveticaNeueW01-75Bold.woff
IP 95.101.10.42:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format, TrueType, length 37560, version 1.0\012- data
Hash b9d0556a2c620a939d54c63be3df6c6c
97968884d4c5a93c46ab1334ce9e9156c694ea4d
90973db3f26fe86b648ec735f3183b44902e5cedf2b1a042402bac39da70404f
GET /olive/fonts/2.8.0/HelveticaNeueW01-75Bold.woff HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://account.docusign.com/
Origin: https://account.docusign.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: AkamaiGHost
mime-version: 1.0
unused62: 8096267
accept-ranges: bytes
content-type: font/woff
etag: "b9d0556a2c620a939d54c63be3df6c6c:1603842491.763499"
last-modified: Tue, 27 Oct 2020 20:30:25 GMT
content-length: 37560
cache-control: max-age=3628800
date: Thu, 15 Dec 2022 23:47:45 GMT
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
docucdn-a.akamaihd.net/olive/fonts/2.8.0/maven_pro_bold.woff
95.101.10.42200 OK 34 kB URL HTTP/2 docucdn-a.akamaihd.net/olive/fonts/2.8.0/maven_pro_bold.woff
IP 95.101.10.42:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format, CFF, length 33752, version 0.0\012- data
Hash 4de7535f6f5df8d5437c21c068ddb0ec
3553204b4624ca41cf1c4f3bd9b37d8c968cba23
8f6a520a392ff62149e5fc5aa87bfab9b3816cd6010d4d4fca194e8683ca498b
GET /olive/fonts/2.8.0/maven_pro_bold.woff HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://account.docusign.com/
Origin: https://account.docusign.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: AkamaiGHost
mime-version: 1.0
unused62: 8096267
accept-ranges: bytes
content-type: font/woff
etag: "4de7535f6f5df8d5437c21c068ddb0ec:1603842502.445065"
last-modified: Tue, 27 Oct 2020 20:30:25 GMT
content-length: 33752
cache-control: max-age=3628800
date: Thu, 15 Dec 2022 23:47:45 GMT
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.docusign.com/sites/all/themes/custom/docusign/favicons/favicon.ico
151.101.194.133200 OK 1.4 kB URL HTTP/2 www.docusign.com/sites/all/themes/custom/docusign/favicons/favicon.ico
IP 151.101.194.133:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 113270506f7c8b653254e5cfce14f032
1b56c09f371328400696a22ddd04e61bce460000
dfdf0fb52b9da3ac655b57f60027763e68b8ab0b199d5f13e2f6fb034efc5dca
GET /sites/all/themes/custom/docusign/favicons/favicon.ico HTTP/1.1
Host: www.docusign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://account.docusign.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: image/x-icon
etag: "6370729e-3c2e"
expires: Wed, 15 Nov 2023 16:12:43 GMT
last-modified: Sun, 13 Nov 2022 04:29:18 GMT
server: nginx
x-pantheon-styx-hostname: styx-fe3-b-77b587f5fd-sgvlk
x-styx-req-id: 2b778156-6437-11ed-b62a-62e27c1c8989
content-encoding: gzip
x-timer: S1668474430.148757,VS0,VE201
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 15 Dec 2022 23:47:45 GMT
age: 2705703
x-served-by: cache-chi-klot8100148-CHI, cache-bma1639-BMA, cache-bma1661-BMA
x-cache: HIT, MISS, HIT
x-cache-hits: 1, 0, 2
vary: Accept-Encoding, X-Original-Host
strict-transport-security: max-age=31557600; includeSubDomains; preload
content-length: 1362
X-Firefox-Spdy: h2