firefox.settings.services.mozilla.com/v1/
54.230.111.7 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 13 Oct 2022 20:49:40 GMT
Expires: Thu, 13 Oct 2022 21:31:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NiwDynV9U1NV-kUUFwnxrsDI89Pap5VZtbKXK67vGfiWBWH4c9-Iww==
Age: 3295
printandprovisions.com/undd/login.live.com/?login.srf?wa=wsignin1.0&rpsnv=12&ct=1425083828&rver=6.4.6456.0&wp=mbi_ssl_shared&wreply=httpsbay169.mail.live.com%DEfault.aspxfrru3inbox&lc=1033&id=64855&mkt=en-us&cbcxt=mai&jgoogle=bmf0ywxpys5tywnkb25hbgrad2zwlm9yzw==&xma=c
192.185.94.52 200 OK 2.4 kB URL HTTP/1.1 printandprovisions.com/undd/login.live.com/?login.srf?wa=wsignin1.0&rpsnv=12&ct=1425083828&rver=6.4.6456.0&wp=mbi_ssl_shared&wreply=httpsbay169.mail.live.com%DEfault.aspxfrru3inbox&lc=1033&id=64855&mkt=en-us&cbcxt=mai&jgoogle=bmf0ywxpys5tywnkb25hbgrad2zwlm9yzw==&xma=c
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1481), with CRLF line terminators
Hash e617bb1795122d3a1208f321d449375a
473446626d769efd99f395a2e41b04b5f161d425
48f23eeb111e7c0985327ca2b52e6167eda98abecc8566c6af2705bb4060a899
GET /undd/login.live.com/?login.srf?wa=wsignin1.0&rpsnv=12&ct=1425083828&rver=6.4.6456.0&wp=mbi_ssl_shared&wreply=httpsbay169.mail.live.com%DEfault.aspxfrru3inbox&lc=1033&id=64855&mkt=en-us&cbcxt=mai&jgoogle=bmf0ywxpys5tywnkb25hbgrad2zwlm9yzw==&xma=c HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 21:44:35 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2410
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ef1ca48ca7fd21239a2a11fcfc6366b
ee44232c27fb39d25ac901df2247c3ffd2c5bcca
e9bad8be490429a84a567acd710f97a402bcf7b4ba4e47f2bed27cada418c439
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9BAD8BE490429A84A567ACD710F97A402BCF7B4BA4E47F2BED27CADA418C439"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12968
Expires: Fri, 14 Oct 2022 01:20:43 GMT
Date: Thu, 13 Oct 2022 21:44:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c5afb6d2acaf66af4c3fd458a0b70e17
ae58844d8753fe1b62240067b7c0efba86a858d0
42b37d16055f0f3ec52cbb45b4af4900baac4352e87c662811cdb377eb2d3c3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42B37D16055F0F3EC52CBB45B4AF4900BAAC4352E87C662811CDB377EB2D3C3E"
Last-Modified: Wed, 12 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10664
Expires: Fri, 14 Oct 2022 00:42:19 GMT
Date: Thu, 13 Oct 2022 21:44:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fqzEuFYoEz6uDpHjlPrex5LzWfXGIylDWjYixWgPQJXN17zKb/3FDZi1r4C4pg5vPgYjHexSYOc=
x-amz-request-id: FV3N806K0CT3E7E6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 13 Oct 2022 21:01:52 GMT
age: 2563
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 13 Oct 2022 21:44:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
printandprovisions.com/undd/login.live.com/others/EN-US(1).htm
192.185.94.52 200 OK 1.1 kB URL HTTP/1.1 printandprovisions.com/undd/login.live.com/others/EN-US(1).htm
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (479)
Hash e6f81092160c4a7f4720c16c54aab197
6bf04f2cfce727afef99752adf32e54b1b8e11c0
c7af7b467c0977aa5a18c154ce4a97da470f567e35d62462a3fade8a71045327
Analyzer Verdict Alert fortinet Phishing
GET /undd/login.live.com/others/EN-US(1).htm HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printandprovisions.com/undd/login.live.com/?login.srf?wa=wsignin1.0&rpsnv=12&ct=1425083828&rver=6.4.6456.0&wp=mbi_ssl_shared&wreply=httpsbay169.mail.live.com%DEfault.aspxfrru3inbox&lc=1033&id=64855&mkt=en-us&cbcxt=mai&jgoogle=bmf0ywxpys5tywnkb25hbgrad2zwlm9yzw==&xma=c
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 21:44:35 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 06 Oct 2020 06:27:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1109
Keep-Alive: timeout=5, max=75
Content-Type: text/html
printandprovisions.com/undd/login.live.com/others/EN-US.htm
192.185.94.52 200 OK 446 B URL HTTP/1.1 printandprovisions.com/undd/login.live.com/others/EN-US.htm
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 1cda7deab5b76869e3a9430be277cedb
e256d5b058fe6b0d47d2fa0df59e34cfed26a85b
0fc8e5b87fc7b71bec01b78ed065d4fbb5d9de9e58575406517c1a262599a89a
Analyzer Verdict Alert fortinet Phishing
GET /undd/login.live.com/others/EN-US.htm HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printandprovisions.com/undd/login.live.com/?login.srf?wa=wsignin1.0&rpsnv=12&ct=1425083828&rver=6.4.6456.0&wp=mbi_ssl_shared&wreply=httpsbay169.mail.live.com%DEfault.aspxfrru3inbox&lc=1033&id=64855&mkt=en-us&cbcxt=mai&jgoogle=bmf0ywxpys5tywnkb25hbgrad2zwlm9yzw==&xma=c
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 21:44:35 GMT
Server: Apache
Last-Modified: Tue, 06 Oct 2020 06:27:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 446
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html
printandprovisions.com/undd/login.live.com/css/R3WinLive1033.css
192.185.94.52 200 OK 6.6 kB URL HTTP/1.1 printandprovisions.com/undd/login.live.com/css/R3WinLive1033.css
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (25349), with no line terminators
Hash 4ac12f351bc3acb5aca4d8005fb92718
65c22b7412af46801103ff4d6f7442e3a478ce8c
052f24b6610fe08cdf9c6953aa6f55a1a105aaa0f50b9e94f59ffaab49dea1cc
GET /undd/login.live.com/css/R3WinLive1033.css HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printandprovisions.com/undd/login.live.com/?login.srf?wa=wsignin1.0&rpsnv=12&ct=1425083828&rver=6.4.6456.0&wp=mbi_ssl_shared&wreply=httpsbay169.mail.live.com%DEfault.aspxfrru3inbox&lc=1033&id=64855&mkt=en-us&cbcxt=mai&jgoogle=bmf0ywxpys5tywnkb25hbgrad2zwlm9yzw==&xma=c
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 21:44:35 GMT
Server: Apache
Last-Modified: Tue, 06 Oct 2020 06:27:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6586
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
printandprovisions.com/undd/login.live.com/css/style.css
192.185.94.52 200 OK 1.7 kB URL HTTP/1.1 printandprovisions.com/undd/login.live.com/css/style.css
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash b5c0aeb726b72c6dfabfdaebbf1939b1
85acbe1230355e42483dab9b337e08396e0653fb
383245f374a16b58d58647fe4dbff22bc4103d654ad00e19a170ecfcec26b4a0
GET /undd/login.live.com/css/style.css HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printandprovisions.com/undd/login.live.com/others/EN-US(1).htm
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 21:44:35 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 06 Oct 2020 06:27:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1676
Keep-Alive: timeout=5, max=75
Content-Type: text/css
printandprovisions.com/undd/login.live.com/css/style_win8.css
192.185.94.52 200 OK 411 B URL HTTP/1.1 printandprovisions.com/undd/login.live.com/css/style_win8.css
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 3bebc362281f7111db5d402a9df87855
f26abbfac2f1cd3d1778f4665aab18ad0a6a00fd
d5a099ed20d5e63392148f4d3ac8a0453157f01c0d5f9cbaea082ec8f375548c
GET /undd/login.live.com/css/style_win8.css HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printandprovisions.com/undd/login.live.com/others/EN-US(1).htm
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 21:44:35 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 06 Oct 2020 06:27:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 411
Keep-Alive: timeout=5, max=75
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.7 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, ETag, Expires, Content-Type, Last-Modified, Content-Length, Cache-Control, Retry-After, Backoff, Pragma
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 13 Oct 2022 21:41:02 GMT
Cache-Control: max-age=3600
Expires: Thu, 13 Oct 2022 21:27:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gzS9P0-6Co8NHqeQ5zaejQf7QXo_JkbcuvDCjp_eDS6XX74DoNHpxw==
Age: 2213
printandprovisions.com/undd/login.live.com/imgs/controls.png
192.185.94.52 200 OK 5.2 kB URL HTTP/1.1 printandprovisions.com/undd/login.live.com/imgs/controls.png
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 19 x 774, 8-bit/color RGBA, non-interlaced\012- data
Hash b1647dd6fd0d21b4c0b05a7bf9e1356b
70e399bcaf63a229b514565e3e97a0c4a42e836e
58c85a458cff1098d73812156c77d22e35113e6843f1e6e2e265aac58b19d302
GET /undd/login.live.com/imgs/controls.png HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printandprovisions.com/undd/login.live.com/css/R3WinLive1033.css
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 21:44:35 GMT
Server: Apache
Last-Modified: Tue, 06 Oct 2020 06:27:15 GMT
Accept-Ranges: bytes
Content-Length: 5218
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3583e23195fad53de085f55b7ae476b8
1e1ee824f8b5706b0a32b269af82769bb44f5d0f
0c3d6dbcec45e2d28fe0b43d2ae2eaf8cbb05d435b981edc1da311ce356fe30d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1997
Cache-Control: max-age=125731
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 21:44:36 GMT
Etag: "6347c71a-1d7"
Expires: Sat, 15 Oct 2022 08:40:07 GMT
Last-Modified: Thu, 13 Oct 2022 08:06:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
auth.gfx.ms/16.000.25123.00/favicon.ico?v=2
104.110.18.148 503 Service Unavailable 175 B URL HTTP/1.1 auth.gfx.ms/16.000.25123.00/favicon.ico?v=2
IP 104.110.18.148:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash cb86d00409ab6d1cd730dc00fddbfbb9
6bc98c736e90b1dba1dd3d0ab7a9680c5eaa8d4d
4f075a5e8450077795973ab3da2c610f45faaf34b1d0eff12dac3c3917a5fe9f
GET /16.000.25123.00/favicon.ico?v=2 HTTP/1.1
Host: auth.gfx.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://printandprovisions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 503 Service Unavailable
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 175
Expires: Thu, 13 Oct 2022 21:44:36 GMT
Date: Thu, 13 Oct 2022 21:44:36 GMT
Connection: keep-alive
printandprovisions.com/undd/login.live.com/others/event
192.185.94.52 404 Not Found 42 kB URL HTTP/1.1 printandprovisions.com/undd/login.live.com/others/event
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1902), with CRLF, LF line terminators
Hash 979330dd1071ecb60b51b5009e0ab99f
df703b8a9144838bca1fbe819fbd77d548047182
016a5e4ec0f8ffaeb886555542cd307f100a6177ab9e44f8660f6a76770d6593
Analyzer Verdict Alert fortinet Phishing
GET /undd/login.live.com/others/event HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printandprovisions.com/undd/login.live.com/others/EN-US(1).htm
HTTP/1.1 404 Not Found
Date: Thu, 13 Oct 2022 21:44:35 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://printandprovisions.com/wp-json/>; rel="https://api.w.org/"
Set-Cookie: PHPSESSID=b41c91cf71df9a88529226ede94774ef; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
printandprovisions.com/undd/login.live.com/others/bk-coretag.js
192.185.94.52 404 Not Found 42 kB URL HTTP/1.1 printandprovisions.com/undd/login.live.com/others/bk-coretag.js
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1902), with CRLF, LF line terminators
Hash 62514a58c5095f71cec2b4d93c4e6bac
c022c753fb904d96f2b8ac5c71a3ec8cfc6ea8e0
38045aef4e9ec60b029842295edaa84046da99bd82e7463f6e1b5c6a8789d075
Analyzer Verdict Alert fortinet Phishing
GET /undd/login.live.com/others/bk-coretag.js HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printandprovisions.com/undd/login.live.com/others/EN-US(1).htm
HTTP/1.1 404 Not Found
Date: Thu, 13 Oct 2022 21:44:35 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://printandprovisions.com/wp-json/>; rel="https://api.w.org/"
Set-Cookie: PHPSESSID=9e40fb30d69d343fbe5a19565feca9a7; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
printandprovisions.com/undd/login.live.com/css/header.css
192.185.94.52 404 Not Found 42 kB URL HTTP/1.1 printandprovisions.com/undd/login.live.com/css/header.css
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1902), with CRLF, LF line terminators
Hash 2cb947311532ec57ff0adbc2bd7dd503
b2c476bd75f3098a60d9bc3bc307c23e7b29812a
b34f1557dcec581d638a88df81f73d8b60b0b03388c954644621e4d696a47e2d
GET /undd/login.live.com/css/header.css HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printandprovisions.com/undd/login.live.com/others/EN-US.htm
HTTP/1.1 404 Not Found
Date: Thu, 13 Oct 2022 21:44:35 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://printandprovisions.com/wp-json/>; rel="https://api.w.org/"
Set-Cookie: PHPSESSID=26a90adf134ff2b28cf54d7b6d31138c; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
printandprovisions.com/undd/login.live.com/others/standard
192.185.94.52 404 Not Found 42 kB URL HTTP/1.1 printandprovisions.com/undd/login.live.com/others/standard
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1902), with CRLF, LF line terminators
Hash ef0464fc2e4e3e212b5f1d3840609d38
9ae833584d919c1e7f4e609180598944dcb24a76
c9e7a48849fdf5ac2e085c27c682c7d64db35de1a08571d30c7cb8cff28ca669
Analyzer Verdict Alert fortinet Phishing
GET /undd/login.live.com/others/standard HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printandprovisions.com/undd/login.live.com/others/EN-US(1).htm
HTTP/1.1 404 Not Found
Date: Thu, 13 Oct 2022 21:44:35 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://printandprovisions.com/wp-json/>; rel="https://api.w.org/"
Set-Cookie: PHPSESSID=8379963d0d049aeddd4d0e1570653027; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
35.165.41.15 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: X5rlfaul2YM9G8lTPRhdOw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HigkYLCy2+mSscGt2edgbyBtQIY=
printandprovisions.com/undd/login.live.com/imgs/logo_mail.png
192.185.94.52 200 OK 5.1 kB URL HTTP/1.1 printandprovisions.com/undd/login.live.com/imgs/logo_mail.png
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 4901cfc069f5d64ec8d47550486cb420
b36a2e42ef9cce426f82bc253f2ff1fc47fbaecb
6b1af85883b2ab64690488468bf9fb0699b82e0b8c3239129847e726bcd79c1b
GET /undd/login.live.com/imgs/logo_mail.png HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printandprovisions.com/undd/login.live.com/others/EN-US.htm
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 21:44:36 GMT
Server: Apache
Last-Modified: Tue, 06 Oct 2020 06:27:15 GMT
Accept-Ranges: bytes
Content-Length: 5104
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/png
printandprovisions.com/undd/login.live.com/js/mbox.js
192.185.94.52 404 Not Found 42 kB URL HTTP/1.1 printandprovisions.com/undd/login.live.com/js/mbox.js
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1902), with CRLF, LF line terminators
Hash 3436e52686fbf90e29b544ac4387031e
fc5e2360bb20d4cfac420191461db35592d34445
ae4cb898c12751795a79a7ca5872260e314112face7c500d63a2fee9a3e98025
Analyzer Verdict Alert fortinet Phishing
GET /undd/login.live.com/js/mbox.js HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printandprovisions.com/undd/login.live.com/others/EN-US(1).htm
HTTP/1.1 404 Not Found
Date: Thu, 13 Oct 2022 21:44:35 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://printandprovisions.com/wp-json/>; rel="https://api.w.org/"
Set-Cookie: PHPSESSID=131070e84eb805f36ac019566d51bc9f; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
printandprovisions.com/undd/login.live.com/imgs/Outlook_SISU%20Refresh_Categories.jpg
192.185.94.52 200 OK 64 kB URL HTTP/1.1 printandprovisions.com/undd/login.live.com/imgs/Outlook_SISU%20Refresh_Categories.jpg
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 475x340, components 3\012- data
Hash cc6f9fbf7f0aecde0f8b0198e1fbfd20
585b9d87ba9bf1394b24e240f14ecb8c09653bfe
beeb8672e0f8f04e8afd9814718f6d61ae2ebffb41dd573ed37b181f63e87440
GET /undd/login.live.com/imgs/Outlook_SISU%20Refresh_Categories.jpg HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printandprovisions.com/undd/login.live.com/others/EN-US(1).htm
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 21:44:36 GMT
Server: Apache
Last-Modified: Tue, 06 Oct 2020 06:27:15 GMT
Accept-Ranges: bytes
Content-Length: 64545
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/jpeg
printandprovisions.com/undd/login.live.com/others/event
192.185.94.52 404 Not Found 42 kB URL HTTP/1.1 printandprovisions.com/undd/login.live.com/others/event
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1902), with CRLF, LF line terminators
Hash ffe307310ab96ee117e61e945c9a83c0
63c8cefabb2f9cc7d5fceafdec2c3635a52bc0bc
9f6646c2c9c02b479f5b8a03dbf934635295ac0d4502370dc4bd3b4c089073c8
Analyzer Verdict Alert fortinet Phishing
GET /undd/login.live.com/others/event HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printandprovisions.com/undd/login.live.com/others/EN-US(1).htm
Cookie: PHPSESSID=131070e84eb805f36ac019566d51bc9f
HTTP/1.1 404 Not Found
Date: Thu, 13 Oct 2022 21:44:36 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://printandprovisions.com/wp-json/>; rel="https://api.w.org/"
Set-Cookie: PHPSESSID=131070e84eb805f36ac019566d51bc9f; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6129
Expires: Thu, 13 Oct 2022 23:26:46 GMT
Date: Thu, 13 Oct 2022 21:44:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6129
Expires: Thu, 13 Oct 2022 23:26:46 GMT
Date: Thu, 13 Oct 2022 21:44:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6129
Expires: Thu, 13 Oct 2022 23:26:46 GMT
Date: Thu, 13 Oct 2022 21:44:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6129
Expires: Thu, 13 Oct 2022 23:26:46 GMT
Date: Thu, 13 Oct 2022 21:44:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6129
Expires: Thu, 13 Oct 2022 23:26:46 GMT
Date: Thu, 13 Oct 2022 21:44:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3ba405-5ddf-47b4-a3a4-c8bbbb892ae1.jpeg
34.120.237.76 200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3ba405-5ddf-47b4-a3a4-c8bbbb892ae1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a5b340fa22bc00565ee580506185ee6
82a9e94edf6c32a825c7ab17032ec1e12f3b8f64
a1a6c75338c0a27765c510d3b417ab452eade7dea7e59db1aa4ddf1e52cfbc41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3ba405-5ddf-47b4-a3a4-c8bbbb892ae1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3460
x-amzn-requestid: abd25fa2-3dcf-4766-bb96-aad040aadbb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z0fH6EQ4oAMFtJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344deff-6e85d59a3bf1f1a14b4b91a5;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 03:11:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VRidWgn-x_6ns12m0tjazQ7OtPIWOeE2lG4gqzivtPdywLbgpJqBsA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 03:39:05 GMT
age: 65132
etag: "82a9e94edf6c32a825c7ab17032ec1e12f3b8f64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c3b83e-ab1b-415f-87e8-75fbe6a8804e.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c3b83e-ab1b-415f-87e8-75fbe6a8804e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4428a41f1c63e0c32664bc1b7d6b65a0
325484ea6c2653483019d85d690b4a697f8dde9f
7a8e1afc1f987dbd6275617db2655d7f92f2ead75ce6cbe924bf572e1b2567d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c3b83e-ab1b-415f-87e8-75fbe6a8804e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7580
x-amzn-requestid: 6a320517-254f-40f6-b7cd-b87317d2177d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z6Tq9HkqoAMFVcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63473312-13af2ea55b9d524d37b1dd46;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 21:35:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WaYmkULE2Gb48Ep1NuF98M6D9nbo54L1-tyAqzbSWKUQ0S4jQeiORA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:45:44 GMT
age: 86333
etag: "325484ea6c2653483019d85d690b4a697f8dde9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc8e71c-ad38-40c0-aa1c-62d0543b412e.jpeg
34.120.237.76 200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc8e71c-ad38-40c0-aa1c-62d0543b412e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7c910df57ddbb4c965a2368ecd0b7c0
3c43ed5bf8ebd3e103a6b8f4736ccb414353937e
bfe79d8edb1e729797ca5a044b425a50e17402a8e02f7aa46d196c4717940995
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc8e71c-ad38-40c0-aa1c-62d0543b412e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3621
x-amzn-requestid: 331206f5-c205-42f7-b4ec-33cda2fb63b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZxutmHYYoAMFW9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6343c4bd-40c2f12833e077be52ca770c;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 07:07:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: m0UA1qs-Ea9UjOtLqAwh7WEhU3OJAwvBKEuyn7iUUweXAHdFDYpjMQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 10:42:14 GMT
age: 39743
etag: "3c43ed5bf8ebd3e103a6b8f4736ccb414353937e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F792c747c-98f4-41ff-82f8-4c4c6b53cdd9.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F792c747c-98f4-41ff-82f8-4c4c6b53cdd9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c1c9c993c5a82d5a146afa74f3455c24
34d415f33034c3f825c7adaf35c29fb0f597ed5b
212acaf34f23c1b351320600adb1f467986f7a9c24f6e573384eb513317c78d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F792c747c-98f4-41ff-82f8-4c4c6b53cdd9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12475
x-amzn-requestid: 538d6bb2-4059-44f6-9d10-bbe284f68183
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZhSDlH3CIAMFYBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633d307d-37c9449e010952d83814b45e;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 07:21:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: p6zsAyj5umzDW15uiPwb2dfp6SozSZf7dzBFpuma20uDqtvy2e0Jaw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 20:16:36 GMT
age: 5281
etag: "34d415f33034c3f825c7adaf35c29fb0f597ed5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f4ddcd0-37eb-41bb-b930-ef4cec44401e.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f4ddcd0-37eb-41bb-b930-ef4cec44401e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5a9abfaf8360f2b6527800ad1944f44
66ae1ad987d78fc76dd7cdc4f30a8e903ff47d49
02d4d5b7ffb815544ee8cc67b38d885173214918f4522dcfe452b9f1ef252843
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f4ddcd0-37eb-41bb-b930-ef4cec44401e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7434
x-amzn-requestid: d2ca5388-80cd-4082-a01c-54d701494d20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z6TqfERSIAMF8-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347330f-340bae193e3547840bd0d45d;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 21:35:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 02jwYGldxH-OiwHR5fFT9V5PrbU2xMx8dPMeGRA3byKZZ7wPAuMVLg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:57:57 GMT
age: 85600
etag: "66ae1ad987d78fc76dd7cdc4f30a8e903ff47d49"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3261ab5d-a8bc-4570-b3a7-6a84af32a316.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3261ab5d-a8bc-4570-b3a7-6a84af32a316.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cb88b15f7586a43b2f80b8079afd374
11fd9e6c872c6eb6e03761dbbcf38bf3707b741a
8bfffc22e8ea19dab232e21f1f5f76811e37b048f80cad532f905f5a1047b9c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3261ab5d-a8bc-4570-b3a7-6a84af32a316.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10731
x-amzn-requestid: 30e35246-dd7f-421c-afcf-5c5372edd5d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z0fEgESiIAMFTtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344dee9-06ab66382ab2d71a18b6a8be;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 03:11:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DSf-Pze4qG8u-neGe5WU6keIki0n0g6UWEjOqpDzijlPCVOz9nw5iA==
via: 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 05:53:24 GMT
age: 57073
etag: "11fd9e6c872c6eb6e03761dbbcf38bf3707b741a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
printandprovisions.com/undd/login.live.com/others/bk-coretag.js
192.185.94.52 404 Not Found 42 kB URL HTTP/1.1 printandprovisions.com/undd/login.live.com/others/bk-coretag.js
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1902), with CRLF, LF line terminators
Hash cb8dacfe55e53bf7eb6906bded8bf201
2b54ce43d84984a77fcebb9b0d4e67442b89af01
3b1d39f4c0cf732ea99ba85d0e83f209bae9b7d4c32a6af634cf513c60baed31
Analyzer Verdict Alert fortinet Phishing
GET /undd/login.live.com/others/bk-coretag.js HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printandprovisions.com/undd/login.live.com/others/EN-US(1).htm
Cookie: PHPSESSID=131070e84eb805f36ac019566d51bc9f
HTTP/1.1 404 Not Found
Date: Thu, 13 Oct 2022 21:44:37 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://printandprovisions.com/wp-json/>; rel="https://api.w.org/"
Set-Cookie: PHPSESSID=131070e84eb805f36ac019566d51bc9f; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
printandprovisions.com/undd/login.live.com/others/standard
192.185.94.52 404 Not Found 42 kB URL HTTP/1.1 printandprovisions.com/undd/login.live.com/others/standard
IP 192.185.94.52:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1902), with CRLF, LF line terminators
Hash edbc7fee826437940632e9e50e2cac40
066306958d89aaf5fa8b08e956ce7e75e3a85cc8
4e9fd5de662703f69c88c56803ac904ba79f590089a7ad613d8e32bbd91de2b6
Analyzer Verdict Alert fortinet Phishing
GET /undd/login.live.com/others/standard HTTP/1.1
Host: printandprovisions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://printandprovisions.com/undd/login.live.com/others/EN-US(1).htm
Cookie: PHPSESSID=131070e84eb805f36ac019566d51bc9f
HTTP/1.1 404 Not Found
Date: Thu, 13 Oct 2022 21:44:38 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://printandprovisions.com/wp-json/>; rel="https://api.w.org/"
Set-Cookie: PHPSESSID=131070e84eb805f36ac019566d51bc9f; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8