r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11869
Expires: Thu, 23 Mar 2023 04:37:43 GMT
Date: Thu, 23 Mar 2023 01:19:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10287
Expires: Thu, 23 Mar 2023 04:11:21 GMT
Date: Thu, 23 Mar 2023 01:19:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 01:15:04 GMT
content-type: application/json
age: 290
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6084
Expires: Thu, 23 Mar 2023 03:01:18 GMT
Date: Thu, 23 Mar 2023 01:19:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TTPMm4HJETG/DofBSvZ5rtW9LIZIEIYqpzdQyBqYN68IDui65znFko+ke/N/VB/qq7SuTCClUYg=
x-amz-request-id: HJWSA66B11WBV3DM
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 00:53:51 GMT
age: 1563
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5656a6f4f603f851db15e7dd263bace8
b6a59036fa7557d6a8fc0a6b48a2923fccb63e43
b153b7c70a0cc73dee82b4d13281364a2bcb2e470068ea5def46d04ebc9493a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B153B7C70A0CC73DEE82B4D13281364A2BCB2E470068EA5DEF46D04EBC9493A2"
Last-Modified: Wed, 22 Mar 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21510
Expires: Thu, 23 Mar 2023 07:18:24 GMT
Date: Thu, 23 Mar 2023 01:19:54 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 01:19:54 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 01:17:23 GMT
age: 151
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 18b877ebbad1529e4bd91e12220d91c4
a3d64fb3d9cc1fe3a29b261c4ec9acfe134dfedc
7001d3ef847c7002ac15155f0dfcc0a369f19860e85c8e90530f1e7b2dd88f09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7001D3EF847C7002AC15155F0DFCC0A369F19860E85C8E90530F1E7B2DD88F09"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5309
Expires: Thu, 23 Mar 2023 02:48:24 GMT
Date: Thu, 23 Mar 2023 01:19:55 GMT
Connection: keep-alive
push.services.mozilla.com/
52.89.193.125101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.193.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sCNi5ZVmBT38jD/6XNi2bw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 91sbzdMkShZgP/3INL8vzTOpYo8=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16602
Expires: Thu, 23 Mar 2023 05:56:38 GMT
Date: Thu, 23 Mar 2023 01:19:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16602
Expires: Thu, 23 Mar 2023 05:56:38 GMT
Date: Thu, 23 Mar 2023 01:19:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16602
Expires: Thu, 23 Mar 2023 05:56:38 GMT
Date: Thu, 23 Mar 2023 01:19:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16602
Expires: Thu, 23 Mar 2023 05:56:38 GMT
Date: Thu, 23 Mar 2023 01:19:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32536e34-d62f-40f1-b196-c4bbe784cca6.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32536e34-d62f-40f1-b196-c4bbe784cca6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f148d2e3cd5679fe5cb9cd58630517c7
b312f7c6526254709a0f7424502952e9eaff9c78
6e98a90935a53caa8871238088e77269e5d7215d16dccabe7e9e4af09f39f7b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32536e34-d62f-40f1-b196-c4bbe784cca6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: a49dca74-54fa-457c-a5b6-e347fd139d1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8ovEgAIAMFcnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b749e-673461e13b7d2f4e7ad66e7f;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:35:26 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ATbmD8auxaSsKlj6KDtI9biU-euAHDVEIVMiHR7hmroViIWghZUsKQ==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:45 GMT
age: 12971
etag: "b312f7c6526254709a0f7424502952e9eaff9c78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba4910e6-683b-4c06-94c1-4e4a3314f2f7.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba4910e6-683b-4c06-94c1-4e4a3314f2f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fdf1ed2958d8db65b7e247e1584eb841
a6385a641fbb1445ca73e632d06d691970b1e3f8
49fda09ea2e648aa8a09b7e72735a3402e8e87572cc188155c292a0d9fd6159b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba4910e6-683b-4c06-94c1-4e4a3314f2f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5971
x-amzn-requestid: a3b249e1-616a-492b-bfc5-12df811361cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBFV9H5XIAMFb9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b5bf-4d51c9467af0c8485d7d98c0;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:11:59 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Qv0F14NgbMfCze9mmFykEDHdCG8yCNvFNa4smLDa1Tmg3_aaZakVoQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 10:34:59 GMT
age: 53097
etag: "a6385a641fbb1445ca73e632d06d691970b1e3f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3aa18378fc5715083fb26bd0d62f382
ee683e481a4501d2ab8ca63d1426d6fab6f2b064
8aade71c4b55f6a9daab28a05a90bcc3c6c01b700aa48d2f8ccdb1992fa5ee81
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10816
x-amzn-requestid: 60a537d2-1b8a-4ae2-967c-a7e57c818cc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xY0EHqoAMFrrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6415629e-1be08f9f3a13492717fdaa48;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:02 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pFf9EtVQUyRcUOT6Aj_L88__ZyBlVX61cOmPi70WnyxxPteVUFFXEw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3f3347264bcaae7af741e2a2f692c6a0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 20:21:35 GMT
age: 17901
etag: "ee683e481a4501d2ab8ca63d1426d6fab6f2b064"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F772d9c75-9796-494f-9fc4-91d04e2bac53.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F772d9c75-9796-494f-9fc4-91d04e2bac53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90f64fe111aa6e90ebf52e0335d21b75
4f25bdbffca3803b02c196c38491223684d36b4d
37894e16112286470b7fd2e0bbd5ca74944e6cb5ca6e8aff189c4515122a0d40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F772d9c75-9796-494f-9fc4-91d04e2bac53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4905
x-amzn-requestid: f2297c3e-1187-48f5-bffb-c5ea1a79a10b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBFgcF4_oAMFd6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b602-02696af01c0d586c631c5b45;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:13:06 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: R9mjcik3i0kISOeO4gVZP6XhhvZO00mriabAtJ8vv1kNhRpz_lfsHQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 07:39:55 GMT
age: 63601
etag: "4f25bdbffca3803b02c196c38491223684d36b4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa9cba5-a508-44d3-b8ad-393590528e8b.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa9cba5-a508-44d3-b8ad-393590528e8b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9a774aa1a206523471dfa75b624be2af
e41ca3e0550e74562b0374565225444ffb977c4e
208ea0f25d7bde64057701891811cdb8c0a67b6f60899ca514fbaf2e04d595bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa9cba5-a508-44d3-b8ad-393590528e8b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9550
x-amzn-requestid: 0c3d2b49-9407-4d12-930a-83e585c165b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBF7kFvwIAMF43g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b6b0-59461f0119abb54f773150a0;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:16:00 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: wVn33PkqDp-KFwzsDiNz8uSRuW2lwBLllYsQevboO6qidq1OkL-X5Q==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:33:44 GMT
age: 9972
etag: "e41ca3e0550e74562b0374565225444ffb977c4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 40d24dfcd9f0afe0e4077384f16cc494
76213c7d5c759471ed3823888860f918ac7e8f13
fbbbef0498ddf14bc9b204273a3cd416c357dceed20339c3e8c64a16b0be3caf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7083
x-amzn-requestid: 52c38747-4a30-4831-87ca-7e72e5602ed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CHY_gFu8IAMFh9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64193b96-49c53b7c2e5ed4fc0217e357;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 05:07:34 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: XUrSSF8TgZSClR4MqJ0kuXGO-8KIguNmGe5lmVwzKXZO6CN0F9mimg==
via: 1.1 f3802d173009698413044360f84de06c.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:51:03 GMT
age: 12533
etag: "76213c7d5c759471ed3823888860f918ac7e8f13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ada.stringertheory.cloud/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.stringertheory.cloud%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.stringertheory.cloud%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638151311970718588.MzVhNDA5ZjgtNjU4ZC00N2JiLTg2NTctNmRjZjRiYTEyZGM3MjQyNGMyNmEtYWI4OC00ZjA2LWIzZGUtZTZjYTdlM2I5YzJj&ui_locales=en-US&mkt=en-US&state=pDxmVbYlNqSReoM46tn6ATz3lJhtHcYkAC80NW-fP9PmsUmuXuPTIMVW1ljWCwMCBn-NiFjtP17QAhHTiX1asQUTHSkUZkdBRIg3YPJuD_ODk_db701p8anl96gN9-88YC6tlsxoyOLDT7oeHBnYKXIadWArwkWfoidheKQnepRQdpdhd6JZhNa_GoWJjwwhvwu2YTq6iI9WojEi3b9NUbcPXcrtmE-eDCYX7yQ0E3StMpXs_-2AzPPSy7F2AbfIp0Hku3j6eP4VBmR6DqIc-Q&x-client-SKU=ID_NET6_0&x-client-ver=6.26.1.0
188.191.106.69200 OK 172 kB URL HTTP/2 ada.stringertheory.cloud/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.stringertheory.cloud%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.stringertheory.cloud%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638151311970718588.MzVhNDA5ZjgtNjU4ZC00N2JiLTg2NTctNmRjZjRiYTEyZGM3MjQyNGMyNmEtYWI4OC00ZjA2LWIzZGUtZTZjYTdlM2I5YzJj&ui_locales=en-US&mkt=en-US&state=pDxmVbYlNqSReoM46tn6ATz3lJhtHcYkAC80NW-fP9PmsUmuXuPTIMVW1ljWCwMCBn-NiFjtP17QAhHTiX1asQUTHSkUZkdBRIg3YPJuD_ODk_db701p8anl96gN9-88YC6tlsxoyOLDT7oeHBnYKXIadWArwkWfoidheKQnepRQdpdhd6JZhNa_GoWJjwwhvwu2YTq6iI9WojEi3b9NUbcPXcrtmE-eDCYX7yQ0E3StMpXs_-2AzPPSy7F2AbfIp0Hku3j6eP4VBmR6DqIc-Q&x-client-SKU=ID_NET6_0&x-client-ver=6.26.1.0
IP 188.191.106.69:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (29579), with CRLF, LF line terminators
Size 172 kB (171743 bytes)
Hash 68e7f1938166161cb8f70b8719cbde39
579a28c76148ac19c2d32128b5e8e8f2f5e640e7
76e68e0c2b79e8872be9351ecf42c4e933ae00ef6ca6eb69e2abccc3db0b1843
GET /common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.stringertheory.cloud%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.stringertheory.cloud%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638151311970718588.MzVhNDA5ZjgtNjU4ZC00N2JiLTg2NTctNmRjZjRiYTEyZGM3MjQyNGMyNmEtYWI4OC00ZjA2LWIzZGUtZTZjYTdlM2I5YzJj&ui_locales=en-US&mkt=en-US&state=pDxmVbYlNqSReoM46tn6ATz3lJhtHcYkAC80NW-fP9PmsUmuXuPTIMVW1ljWCwMCBn-NiFjtP17QAhHTiX1asQUTHSkUZkdBRIg3YPJuD_ODk_db701p8anl96gN9-88YC6tlsxoyOLDT7oeHBnYKXIadWArwkWfoidheKQnepRQdpdhd6JZhNa_GoWJjwwhvwu2YTq6iI9WojEi3b9NUbcPXcrtmE-eDCYX7yQ0E3StMpXs_-2AzPPSy7F2AbfIp0Hku3j6eP4VBmR6DqIc-Q&x-client-SKU=ID_NET6_0&x-client-ver=6.26.1.0 HTTP/1.1
Host: ada.stringertheory.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: epP0mx=MDJjYTQ0M2MtYTc5Mi00M2NhLWFiMDEtZDg3NmQwODk4ODFiOjgyZmQ1NWJhLThhNzItNDRlZS05MmUzLWIwMjZiMjhmNTNkNw==; MUID=22629F5FAE4464D325AF8D82AFCF6528
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 01:19:59 GMT
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache
pragma: no-cache
vary: Accept-Encoding, Accept-Encoding
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 732c7ac9-e608-48d7-982b-591fa34d0100
x-ms-ests-server: 2.1.14939.4 - NEULR2 ProdSlices
x-ms-clitelem: 1,0,0,,
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
access-control-allow-headers: *
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ada.stringertheory.cloud/?username=
188.191.106.69302 Found 0 B URL HTTP/2 ada.stringertheory.cloud/?username=
IP 188.191.106.69:0
Analyzer Verdict Alert fortinet Phishing
GET /?username= HTTP/1.1
Host: ada.stringertheory.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: epP0mx=MDJjYTQ0M2MtYTc5Mi00M2NhLWFiMDEtZDg3NmQwODk4ODFiOjgyZmQ1NWJhLThhNzItNDRlZS05MmUzLWIwMjZiMjhmNTNkNw==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 23 Mar 2023 01:19:56 GMT
content-type: text/html; charset=utf-8
location: https://wwwofc.stringertheory.cloud/login#
cache-control: no-store, no-cache
pragma: no-cache
vary: Accept-Encoding
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 16516c98-a9ab-47f7-9c63-57918cb12f00
x-ms-ests-server: 2.1.14939.4 - WEULR2 ProdSlices
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
aab4d1a5-02ca443c.stringertheory.cloud/ests/2.1/content/cdnbundles/converged.v2.login.min_dxlgfz8kx1amwm8vpguk7w2.css
188.191.106.69200 OK 0 B URL HTTP/2 aab4d1a5-02ca443c.stringertheory.cloud/ests/2.1/content/cdnbundles/converged.v2.login.min_dxlgfz8kx1amwm8vpguk7w2.css
IP 188.191.106.69:0
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_dxlgfz8kx1amwm8vpguk7w2.css HTTP/1.1
Host: aab4d1a5-02ca443c.stringertheory.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ada.stringertheory.cloud/
X-Moz: prefetch
Connection: keep-alive
Cookie: epP0mx=MDJjYTQ0M2MtYTc5Mi00M2NhLWFiMDEtZDg3NmQwODk4ODFiOjgyZmQ1NWJhLThhNzItNDRlZS05MmUzLWIwMjZiMjhmNTNkNw==; MUID=22629F5FAE4464D325AF8D82AFCF6528
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 01:20:01 GMT
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 3077578
cache-control: public, max-age=31536000
last-modified: Wed, 15 Feb 2023 01:53:28 GMT
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: b6711048-801e-0029-3e28-4179f6000000
x-ms-version: 2009-09-19
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
aab4d1a5-02ca443c.stringertheory.cloud/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6d0f034edc7f959d3b0d.js
188.191.106.69200 OK 0 B URL HTTP/2 aab4d1a5-02ca443c.stringertheory.cloud/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6d0f034edc7f959d3b0d.js
IP 188.191.106.69:0
GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6d0f034edc7f959d3b0d.js HTTP/1.1
Host: aab4d1a5-02ca443c.stringertheory.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ada.stringertheory.cloud/
Connection: keep-alive
Cookie: epP0mx=MDJjYTQ0M2MtYTc5Mi00M2NhLWFiMDEtZDg3NmQwODk4ODFiOjgyZmQ1NWJhLThhNzItNDRlZS05MmUzLWIwMjZiMjhmNTNkNw==; MUID=22629F5FAE4464D325AF8D82AFCF6528
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 01:20:01 GMT
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 1759392
cache-control: public, max-age=31536000
last-modified: Tue, 28 Feb 2023 01:21:52 GMT
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 88e7118e-301e-009f-7a25-4da60b000000
x-ms-version: 2009-09-19
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
aab4d1a5-02ca443c.stringertheory.cloud/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_9rx-kmbsmdm6rixjlx4bhq2.js
188.191.106.69200 OK 0 B URL HTTP/2 aab4d1a5-02ca443c.stringertheory.cloud/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_9rx-kmbsmdm6rixjlx4bhq2.js
IP 188.191.106.69:0
GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_9rx-kmbsmdm6rixjlx4bhq2.js HTTP/1.1
Host: aab4d1a5-02ca443c.stringertheory.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ada.stringertheory.cloud/
X-Moz: prefetch
Connection: keep-alive
Cookie: epP0mx=MDJjYTQ0M2MtYTc5Mi00M2NhLWFiMDEtZDg3NmQwODk4ODFiOjgyZmQ1NWJhLThhNzItNDRlZS05MmUzLWIwMjZiMjhmNTNkNw==; MUID=22629F5FAE4464D325AF8D82AFCF6528
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 01:20:01 GMT
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 1742248
cache-control: public, max-age=31536000
last-modified: Thu, 02 Mar 2023 02:22:22 GMT
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: ac3263e3-c01e-0086-524d-4dc001000000
x-ms-version: 2009-09-19
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
aab4d1a5-02ca443c.stringertheory.cloud/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
188.191.106.69200 OK 0 B URL HTTP/2 aab4d1a5-02ca443c.stringertheory.cloud/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
IP 188.191.106.69:0
GET /shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif HTTP/1.1
Host: aab4d1a5-02ca443c.stringertheory.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ada.stringertheory.cloud/
Connection: keep-alive
Cookie: epP0mx=MDJjYTQ0M2MtYTc5Mi00M2NhLWFiMDEtZDg3NmQwODk4ODFiOjgyZmQ1NWJhLThhNzItNDRlZS05MmUzLWIwMjZiMjhmNTNkNw==; MUID=22629F5FAE4464D325AF8D82AFCF6528
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 01:20:01 GMT
content-type: image/gif
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 16333768
cache-control: public, max-age=31536000
etag: 0x8D79A1B9F8A840E
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: ae58d853-b01e-0055-0597-c888ae000000
x-ms-version: 2009-09-19
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ada.stringertheory.cloud/?username=
188.191.106.69200 OK 0 B URL HTTP/2 ada.stringertheory.cloud/?username=
IP 188.191.106.69:0
Analyzer Verdict Alert fortinet Phishing
GET /?username= HTTP/1.1
Host: ada.stringertheory.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 01:19:54 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
wwwofc.stringertheory.cloud/login
188.191.106.69302 Found 0 B URL HTTP/2 wwwofc.stringertheory.cloud/login
IP 188.191.106.69:0
GET /login HTTP/1.1
Host: wwwofc.stringertheory.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: epP0mx=MDJjYTQ0M2MtYTc5Mi00M2NhLWFiMDEtZDg3NmQwODk4ODFiOjgyZmQ1NWJhLThhNzItNDRlZS05MmUzLWIwMjZiMjhmNTNkNw==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 23 Mar 2023 01:19:57 GMT
content-type: text/html; charset=utf-8
location: https://ada.stringertheory.cloud/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwwwofc.stringertheory.cloud%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwwwofc.stringertheory.cloud%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638151311970718588.MzVhNDA5ZjgtNjU4ZC00N2JiLTg2NTctNmRjZjRiYTEyZGM3MjQyNGMyNmEtYWI4OC00ZjA2LWIzZGUtZTZjYTdlM2I5YzJj&ui_locales=en-US&mkt=en-US&state=pDxmVbYlNqSReoM46tn6ATz3lJhtHcYkAC80NW-fP9PmsUmuXuPTIMVW1ljWCwMCBn-NiFjtP17QAhHTiX1asQUTHSkUZkdBRIg3YPJuD_ODk_db701p8anl96gN9-88YC6tlsxoyOLDT7oeHBnYKXIadWArwkWfoidheKQnepRQdpdhd6JZhNa_GoWJjwwhvwu2YTq6iI9WojEi3b9NUbcPXcrtmE-eDCYX7yQ0E3StMpXs_-2AzPPSy7F2AbfIp0Hku3j6eP4VBmR6DqIc-Q&x-client-SKU=ID_NET6_0&x-client-ver=6.26.1.0
vary: Accept-Encoding
request-context: appId=
referrer-policy: strict-origin-when-cross-origin
x-ua-compatible: IE=edge,chrome=1
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 74257A396BFC49A1988F32BAEB46CEB7 Ref B: AMS231032601039 Ref C: 2023-03-23T01:19:57Z
access-control-allow-origin: *
access-control-allow-headers: *
set-cookie: OH.DCAffinity=OH-weu; expires=Thu, 11 Jun 2076 10:39:54 GMT; Path=/; Secure
OH.FLID=517b22a2-5bad-446b-a9e4-b6e8b5779975; expires=Sat, 12 Jun 2077 02:39:54 GMT; Path=/; Secure
.AspNetCore.OpenIdConnect.Nonce.9wnGrQsAU8_Tolywop7-tbNqGf96cQljhRHlmma06BMfn1_La9CJR2DEpR1kY8PH-d2FRtF1NFbqw6Y7lFS-uvzLyfA43WA3KnKGwMIdxCzPlZcaUSon041ehmaD_5EyUxoAOh6wle12NBwIY0ScvOjLsZAs4OTnmTy4Xqz2drD7w4buomp1eMwmDs7gW98f-RhLojyipV6KaKAAehklJ8xDAJPczCXOpJATiDVKH8YkhkH6ZbyjR6WDWY-2QZW0=N; expires=Thu, 11 Jun 2076 02:54:54 GMT; Path=/; Secure
.AspNetCore.Correlation.rthJUtJOmVrUzqmjXg2gYICN0T9FFUj-AsXNdeN0JK0=N; expires=Thu, 11 Jun 2076 02:54:54 GMT; Path=/; Secure
MUID=22629F5FAE4464D325AF8D82AFCF6528; Domain=stringertheory.cloud; expires=Tue, 06 Jul 2077 02:39:54 GMT; Path=/; Secure
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
aab4d1a5-02ca443c.stringertheory.cloud/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
188.191.106.69200 OK 0 B URL HTTP/2 aab4d1a5-02ca443c.stringertheory.cloud/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
IP 188.191.106.69:0
GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1
Host: aab4d1a5-02ca443c.stringertheory.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ada.stringertheory.cloud/
Connection: keep-alive
Cookie: epP0mx=MDJjYTQ0M2MtYTc5Mi00M2NhLWFiMDEtZDg3NmQwODk4ODFiOjgyZmQ1NWJhLThhNzItNDRlZS05MmUzLWIwMjZiMjhmNTNkNw==; MUID=22629F5FAE4464D325AF8D82AFCF6528
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 01:20:02 GMT
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 1413362
cache-control: public, max-age=31536000
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: a77b3f3b-101e-0026-464a-504615000000
x-ms-version: 2009-09-19
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
aab4d1a5-02ca443c.stringertheory.cloud/shared/1.0/content/js/ConvergedLogin_PCore_-744lsPEROI34IEVhVkOXg2.js
188.191.106.69200 OK 0 B URL HTTP/2 aab4d1a5-02ca443c.stringertheory.cloud/shared/1.0/content/js/ConvergedLogin_PCore_-744lsPEROI34IEVhVkOXg2.js
IP 188.191.106.69:0
GET /shared/1.0/content/js/ConvergedLogin_PCore_-744lsPEROI34IEVhVkOXg2.js HTTP/1.1
Host: aab4d1a5-02ca443c.stringertheory.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ada.stringertheory.cloud/
Origin: https://ada.stringertheory.cloud
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 01:20:00 GMT
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 1742702
cache-control: public, max-age=31536000
last-modified: Wed, 01 Mar 2023 21:21:59 GMT
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 111aafa9-101e-0001-504c-4d2088000000
x-ms-version: 2009-09-19
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
aab4d1a5-02ca443c.stringertheory.cloud/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
188.191.106.69200 OK 0 B URL HTTP/2 aab4d1a5-02ca443c.stringertheory.cloud/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP 188.191.106.69:0
GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aab4d1a5-02ca443c.stringertheory.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ada.stringertheory.cloud/
Connection: keep-alive
Cookie: epP0mx=MDJjYTQ0M2MtYTc5Mi00M2NhLWFiMDEtZDg3NmQwODk4ODFiOjgyZmQ1NWJhLThhNzItNDRlZS05MmUzLWIwMjZiMjhmNTNkNw==; MUID=22629F5FAE4464D325AF8D82AFCF6528
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 01:20:01 GMT
content-type: image/x-icon
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 16333767
cache-control: public, max-age=31536000
etag: 0x8D8731240E548EB
last-modified: Sun, 18 Oct 2020 03:02:30 GMT
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 3b2611da-a01e-007e-4097-c822b0000000
x-ms-version: 2009-09-19
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
live.stringertheory.cloud/Me.htm?v=3
188.191.106.69200 OK 0 B URL HTTP/2 live.stringertheory.cloud/Me.htm?v=3
IP 188.191.106.69:0
GET /Me.htm?v=3 HTTP/1.1
Host: live.stringertheory.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ada.stringertheory.cloud/
Connection: keep-alive
Cookie: epP0mx=MDJjYTQ0M2MtYTc5Mi00M2NhLWFiMDEtZDg3NmQwODk4ODFiOjgyZmQ1NWJhLThhNzItNDRlZS05MmUzLWIwMjZiMjhmNTNkNw==; MUID=22629F5FAE4464D325AF8D82AFCF6528
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 01:20:02 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=315360000
vary: Accept-Encoding, Accept-Encoding
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
referrer-policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: ef332c24-5196-42fa-8340-28c0a96781ed
ppserver: PPV: 30 H: BL02PFBBDAA1C04 V: 0
access-control-allow-origin: *
access-control-allow-headers: *
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ada.stringertheory.cloud/?username=
188.191.106.69200 OK 0 B URL HTTP/2 ada.stringertheory.cloud/?username=
IP 188.191.106.69:0
Analyzer Verdict Alert fortinet Phishing
POST /?username= HTTP/1.1
Host: ada.stringertheory.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ada.stringertheory.cloud
Content-Length: 820
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 01:19:55 GMT
content-type: application/json
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2