r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4204
Expires: Fri, 31 Mar 2023 10:24:19 GMT
Date: Fri, 31 Mar 2023 09:14:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6263
Expires: Fri, 31 Mar 2023 10:58:38 GMT
Date: Fri, 31 Mar 2023 09:14:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 08:28:22 GMT
content-type: application/json
age: 2753
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4612
Expires: Fri, 31 Mar 2023 10:31:07 GMT
Date: Fri, 31 Mar 2023 09:14:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: lsBpCzHlvoRHmRsqbX57jJhaDz4EovCoJt/TeJTTC+UWEm6dgQJ2ffUGpI9/yFFe6bZfVBzLqHU=
x-amz-request-id: 20KBP4WNEE9S6439
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 09:03:17 GMT
age: 658
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:14:15 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
office365.festclick.com/aoufiloffic/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-userid&userid=
162.214.164.25200 OK 1.9 kB URL HTTP/1.1 office365.festclick.com/aoufiloffic/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-userid&userid=
IP 162.214.164.25:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (756)
Hash 230e705396d10e33134eca7f7501a2d3
97c7000415b19d2be6346ae6e364c3113bfbb5b0
57d2b74f3fa76f93c61a290920daaa480d4ddf69a4d0b8c3f18e61b6cde515dd
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Microsoft
openphish Outlook
NIDS Severity Alert suricata medium ET PHISHING Suspicious HTML Decimal Obfuscated Title - Possible Phishing Landing Apr 19 2017
GET /aoufiloffic/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-userid&userid= HTTP/1.1
Host: office365.festclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:14:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1948
Keep-Alive: timeout=5, max=1150
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Backoff, Last-Modified, Alert, Content-Length, Pragma, Cache-Control, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 08:17:26 GMT
age: 3410
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 782ca4845ea5e0ec981e33231b1e61cb
032116b75e124c57877524e9e4f523b6d7c65820
94d007862fc7a4cd67f582ff22f2339619177435559c1dd5075a08c7240f3520
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94D007862FC7A4CD67F582FF22F2339619177435559C1DD5075A08C7240F3520"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17168
Expires: Fri, 31 Mar 2023 14:00:24 GMT
Date: Fri, 31 Mar 2023 09:14:16 GMT
Connection: keep-alive
office365.festclick.com/aoufiloffic/css/conv.min.css
162.214.164.25200 OK 4.2 kB URL HTTP/1.1 office365.festclick.com/aoufiloffic/css/conv.min.css
IP 162.214.164.25:0
ASN #46606 UNIFIEDLAYER-AS-1
File type assembler source, ASCII text, with very long lines (17283), with CRLF line terminators
Hash 9da3699f10a85abfb3483befd7e59731
df620eff84a908146d7869f80d655a8dc3194ee0
7d283df1a60ecc29a37237200a291fa7078806afc3c34435f34b82b3836f80a1
GET /aoufiloffic/css/conv.min.css HTTP/1.1
Host: office365.festclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://office365.festclick.com/aoufiloffic/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-userid&userid=
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:14:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 10 Jul 2018 00:59:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4150
Keep-Alive: timeout=5, max=1150
Content-Type: text/css
office365.festclick.com/aoufiloffic/images/continue.png
162.214.164.25200 OK 495 B URL HTTP/1.1 office365.festclick.com/aoufiloffic/images/continue.png
IP 162.214.164.25:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 110 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash dc31e73948cb05800a773f42349bbcae
6e6451d7f91102c8ceaebe0e9fc25fe2b76e987f
97a4488434a10d406081498268d1c4452209922cf1c5802134ad9d3693c41112
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Microsoft
GET /aoufiloffic/images/continue.png HTTP/1.1
Host: office365.festclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://office365.festclick.com/aoufiloffic/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-userid&userid=
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:14:16 GMT
Server: Apache
Last-Modified: Thu, 05 Jul 2018 21:19:32 GMT
Accept-Ranges: bytes
Content-Length: 495
Keep-Alive: timeout=5, max=1149
Connection: Keep-Alive
Content-Type: image/png
push.services.mozilla.com/
44.227.71.100101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.227.71.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bfyaOErlOcUYNmQGHQI4zA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Xi5lY5Ff5SxJt309+p3/yygQ3xs=
office365.festclick.com/aoufiloffic/images/small.jpg?x=12f4b8b543125cc986c79cd85320812f
162.214.164.25404 Not Found 315 B URL HTTP/1.1 office365.festclick.com/aoufiloffic/images/small.jpg?x=12f4b8b543125cc986c79cd85320812f
IP 162.214.164.25:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Microsoft
fortinet Phishing
GET /aoufiloffic/images/small.jpg?x=12f4b8b543125cc986c79cd85320812f HTTP/1.1
Host: office365.festclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://office365.festclick.com/aoufiloffic/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-userid&userid=
HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:14:16 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=1150
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
office365.festclick.com/aoufiloffic/images/m7.png
162.214.164.25200 OK 500 B URL HTTP/1.1 office365.festclick.com/aoufiloffic/images/m7.png
IP 162.214.164.25:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 68 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 11e0cb0cdf3c37272f38820b57fcf2cd
a6f0ceb36e02a2661570921a825dd64ce2444016
0b0e8860dc323f2d3431b407330217eaa8ed3a0c022a6949fb0ba9008a5a0cff
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Microsoft
GET /aoufiloffic/images/m7.png HTTP/1.1
Host: office365.festclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://office365.festclick.com/aoufiloffic/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-userid&userid=
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:14:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 31 Jul 2017 01:11:48 GMT
Accept-Ranges: bytes
Content-Length: 500
Keep-Alive: timeout=5, max=1150
Content-Type: image/png
office365.festclick.com/aoufiloffic/images/lofo.png
162.214.164.25200 OK 21 kB URL HTTP/1.1 office365.festclick.com/aoufiloffic/images/lofo.png
IP 162.214.164.25:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1100 x 845, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e3360bf7bef6e9539dca160dbf9c47b
5bf4940575364216da1ec4ea8dc009eccb968c4f
28716af890a232d0f275cb44df7c221e58930a57a9747259e9b676516edb8ca5
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Microsoft
GET /aoufiloffic/images/lofo.png HTTP/1.1
Host: office365.festclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://office365.festclick.com/aoufiloffic/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-userid&userid=
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:14:16 GMT
Server: Apache
Last-Modified: Tue, 10 Jul 2018 03:59:34 GMT
Accept-Ranges: bytes
Content-Length: 20631
Keep-Alive: timeout=5, max=1149
Connection: Keep-Alive
Content-Type: image/png
office365.festclick.com/aoufiloffic/images/favicon.ico
162.214.164.25200 OK 540 B URL HTTP/1.1 office365.festclick.com/aoufiloffic/images/favicon.ico
IP 162.214.164.25:0
ASN #46606 UNIFIEDLAYER-AS-1
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 70ac134d2e608ee150766b64494a192d
9b4345d6d66ba37ab058ed4ee606ff3558a93c98
f66a34884b26b0351a4f1880756efb1389ee675e3ab8e024bfbe7de0d81fb617
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Microsoft
GET /aoufiloffic/images/favicon.ico HTTP/1.1
Host: office365.festclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://office365.festclick.com/aoufiloffic/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-userid&userid=
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:14:17 GMT
Server: Apache
Last-Modified: Tue, 21 Apr 2015 17:59:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 540
Keep-Alive: timeout=5, max=1148
Connection: Keep-Alive
Content-Type: image/x-icon
office365.festclick.com/aoufiloffic/images/t1.jpg?x=f5a9a9531b8f4bcc86eabb19472d15d5
162.214.164.25200 OK 580 kB URL HTTP/1.1 office365.festclick.com/aoufiloffic/images/t1.jpg?x=f5a9a9531b8f4bcc86eabb19472d15d5
IP 162.214.164.25:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=paint.net 4.0.13], baseline, precision 8, 1920x1080, components 3\012- data
Size 580 kB (579468 bytes)
Hash af828c8f0c5db59e072caa3dfafe1fcd
2b10e29d80e70e18d215a6e2ba9884a81a0ee84d
7764c38d71f5ee52d39f237f08b4e82b4715c73bfa0afbaee30a60b0dfd058ca
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
urlquery phishing Phishing - Microsoft
fortinet Phishing
GET /aoufiloffic/images/t1.jpg?x=f5a9a9531b8f4bcc86eabb19472d15d5 HTTP/1.1
Host: office365.festclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://office365.festclick.com/aoufiloffic/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-userid&userid=
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:14:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 15 Aug 2017 13:31:30 GMT
Accept-Ranges: bytes
Content-Length: 579468
Keep-Alive: timeout=5, max=1150
Content-Type: image/jpeg
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12409
Expires: Fri, 31 Mar 2023 12:41:07 GMT
Date: Fri, 31 Mar 2023 09:14:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12409
Expires: Fri, 31 Mar 2023 12:41:07 GMT
Date: Fri, 31 Mar 2023 09:14:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12409
Expires: Fri, 31 Mar 2023 12:41:07 GMT
Date: Fri, 31 Mar 2023 09:14:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12409
Expires: Fri, 31 Mar 2023 12:41:07 GMT
Date: Fri, 31 Mar 2023 09:14:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQPtHizoAMF7-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nZfXy-IsoHliuLodEocEZlH-IvmIV9G-noSmSEU1wmuMPfBx3rLJ9w==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 00:11:32 GMT
age: 32566
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 876e5464aba1639f3b07b07d1d694514
93885a6205be71d16187782b1803f53d5c8538cb
6e2b6b15f462922a9e8260f55cfcd94d488d1a48435458db43270ea3b825d8c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13775
x-amzn-requestid: 43d1a1f3-b189-4fcd-a298-429123d1921b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUloF9woAMFU4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-13778451622503253ea252eb;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: bXA995GxGti4_AzSi9F19ZNvUwm5_ZSBw0BB0lRIfNHcmX7Ajt6bSg==
via: 1.1 8731d2a1a7d15f67b588bf58f652f9f0.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:46:36 GMT
age: 41262
etag: "93885a6205be71d16187782b1803f53d5c8538cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1688ae550e5e9181de2448a9cade8a26
a46eb0cd75f46778dc802b648f7c391ce801c700
e717e6e64c928571506bc6d19e3d9ce19bea3292f01618a6d9ddbbaffe65ffd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9055
x-amzn-requestid: aad4ce89-7ff3-484a-b644-ecda89a2ff16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnVW5EPJoAMFfFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260292-41fb44737ee678bc7c93b7ff;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:43:46 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: aCuRurszjWr-BePwsnPfCqMpfO2GaREtRvvFGiiywmfsuAGFRRK9sQ==
via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 08:20:16 GMT
age: 3242
etag: "a46eb0cd75f46778dc802b648f7c391ce801c700"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: YJQbVC3HpHtLrNiTzsUmCOMIWgRik2lIhvpAz0DfmUNSznCXw6ipYw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 06:47:32 GMT
age: 8806
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 3paQf8BhyRcZoZNox8660Zyzz0WaiQxJuHmDbj4wpo-rgbDdkxrYgQ==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:23 GMT
age: 41215
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 211d737362f7cbcd8c77cee7d29fa2f5
668d1d80c88082928c6ca01fbf1ccbfcd079f64f
05672d4ab964a706c41d73b51592ca2425983e77544f08198dd2d3a7dcc5b3a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11114
x-amzn-requestid: e9e6a6b5-e6e8-4ca4-9302-a1fc023a38af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkypoH5goAMF6Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424fe3d-63c6c8465407f5dc26e9aced;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 03:13:01 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: HsI--rdD7nPKwY0W7f_eIm1y-oz6BbWkLea2jX-JmxY6_I8ncpD-cg==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 08:59:56 GMT
age: 18596
etag: "668d1d80c88082928c6ca01fbf1ccbfcd079f64f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2