{"report_id":"bf7859f8-9473-4721-a835-10d5bb5bcaf7","version":6,"status":"done","tags":["phishing","microsoft","outlook"],"date":"2023-08-20T10:33:53Z","url":{"schema":"http","addr":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html","fqdn":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev","domain":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html","fqdn":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev","domain":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev","tld":"r2.dev"},"title":"Sign in to your Office365 account"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-28T08:43:34Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev","ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-08-23","domain_rank":0,"first_seen":"2023-06-26 22:03:46","last_seen":"2023-07-28 12:51:30","alert_count":2,"request_count":2,"received_data":14816,"sent_data":1093,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":235,"first_seen":"2015-04-17 22:46:33","last_seen":"2023-08-19 18:12:25","alert_count":0,"request_count":1,"received_data":28977,"sent_data":519,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn-jm-tools.web.app","ip":{"addr":"199.36.158.100","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2019-01-08","domain_rank":0,"first_seen":"2021-05-28 22:34:17","last_seen":"2023-08-19 13:31:15","alert_count":0,"request_count":5,"received_data":23872,"sent_data":2602,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.pki.goog","ip":{"addr":"142.250.74.3","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":175,"first_seen":"2018-07-01 08:43:07","last_seen":"2023-08-19 18:12:01","alert_count":0,"request_count":1,"received_data":711,"sent_data":350,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aadcdn.msauth.net","ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2018-10-25","domain_rank":1421,"first_seen":"2018-11-19 11:50:03","last_seen":"2023-08-19 18:14:09","alert_count":0,"request_count":1,"received_data":1616,"sent_data":519,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-08-19","alert":"Office365","trigger":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com","meta":null}]},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2023-06-27","alert":"Other","trigger":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}]},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html","fqdn":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev","domain":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ee1e41adf7b60e88120e1f97c8bcb727","sha1":"5d89cd39f9d8957302150d7f90f5f5a429cbd858","sha256":"08bc51eba1e30dce03ee498298a15e9e8cde70bd6f97a2fe7167694135e19d15","sha512":"6b90987c22eb6762fcdae9f08f939cd20b4735875ffa21ced9383d4f92b6e3bf3461c161b630d8a45d8fd8c3382247dea3c257c60bf8c619baa262fda97d397b","ssdeep":"384:4uWxhyvUvO+nNxGjVNN0kfGgy9/DEAtsOa5OLJCr1WOLuPlROH0a9LVoLyFSHr0w:44vKEXSkOWU+iVFF","tlshash":"9d43a13ca321c44da9736a3bfce42f655109af97edc9b7c9041880973ef067a71146ea","size":58310,"data":"","first_seen":"2023-06-28T01:47:23Z","last_seen":"2024-09-20T20:04:19.541897Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f9394c149b52c9b8e1c1f8d95a57c1ef","sha1":"d438c01cb5ee0978fa52d5b13beef55dbe2861ff","sha256":"53423b925c20d4fb7de60f9917258a58e703e8f031bbaf1e338a07503bb9d967","sha512":"856c0ff35e960c681d85993731b192a16d4d0c92ea72505e4a865763bab60a4e3ca49d62f3273ba600e0c696295b14c59cc002daae5a90770e53f5531d1bbdd4","ssdeep":"","tlshash":"9bd0a7525f05c83119908b816d7de548e5af348e486c8549f20c4d1f5701abe64d66c4","size":220,"data":"","first_seen":"2023-06-28T01:47:23Z","last_seen":"2024-09-20T20:04:19.543725Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"12108007906290015100837a6a61e9f4","sha1":"1d6ae46f2ffa213dede37a521b011ec1cd8d1ad3","sha256":"c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4","sha512":"93658f3eb4a044523a7136871e125d73c9005da44ce09045103a35a4f18695888ecafe2f9c0d0fa741b95cc618c6000f9ad9affc821a400ea7e5f2c0c8968530","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakF:YYh8eip3hXuf6IidlrvakdtQ47GK1","tlshash":"c393f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89493,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-03T18:02:18.579551Z","times_seen":18361,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e780d495bcd324a4335f0e8925406907","sha1":"e5af8c50973afa854f350e95bf1de6a206093b7d","sha256":"7dbb31d0837d2d2013ab9926a40df7845c3e5e6bafdc7409e387df2ed18db7c1","sha512":"ece13af64cc72e0cea949275228d264d597c4e9cdae3d9a78c5460083772c0e45867cf406f06d1a9e77592d9708486ed8da6c837cead2f9bda23f66fca997a2b","ssdeep":"","tlshash":"7561f18b32050ebb17fbb4a6342b44497d30e0159b05180016b69bedf936fc5a6ebb4b","size":3185,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-03-19T18:05:45.764545Z","times_seen":5733,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"af9555694c38df37d3ba81e4123da2bb","sha1":"a4e1c1a7a298b9b64e283c69a947f84f934e8d89","sha256":"fb70280f2e6fe87af77872a66c927d4accad57f1f1cefadd606c37de39bc1c9e","sha512":"a27d8d51df9fec44deaeaea1193347c07cfea5c007a5120ac5e36fb5a4c74c90994fb5b6c4631bf087bae58ece4824b9acca829c0a9e0d5230184fd231e92258","ssdeep":"384:U7i76pyKJ7eFJ7ecR7ec47Dd7747R7RqytPhgTwZe08B7W7L7m7J7L7GqGs+7soy:U2OFCDCcRCcQNEldtOi1KCXStXygTf","tlshash":"d19209f2b0111e6a539b9df9f033d204313ae64dd3038d60e97c8a9416ffe19f52699a","size":19425,"data":"","first_seen":"2023-06-28T01:47:23Z","last_seen":"2024-09-20T20:04:19.547625Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html","fqdn":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev","domain":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-08-20T10:33:28.632Z","timestamp":1692527608632,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 13 Aug 2023 17:25:54 GMT","end":"Sat, 11 Nov 2023 17:25:53 GMT"},"fingerprint":{"sha1":"E8:0C:C2:4D:15:01:60:A8:F1:76:79:D2:4D:CB:27:19:C0:CF:60:B2","sha256":"64:08:E9:9B:E6:D1:BF:9C:92:37:8C:9A:34:EB:AB:7D:53:0D:0F:15:B3:2F:D0:25:E0:B3:FB:27:05:CE:49:A7"}}},"request":{"raw":"GET /heel.html HTTP/1.1\r\nHost: pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 20 Aug 2023 10:33:36 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"ab7d57ed033b16943b866ff8c10fe82a\"\r\nLast-Modified: Sun, 25 Jun 2023 21:47:02 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 7f99fa9cba23b521-OSL\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7787,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (58308)","md5":"ab7d57ed033b16943b866ff8c10fe82a","sha1":"30fd43a069e6db5d678bed3ae616dad12dc64430","sha256":"88cd1ac27c912cbd2aef1f14b205e779f10978e98164e29d4d3b8b87d11b06c3","sha512":"072a2a24e7134f8738908590c533a8870b0bfb2be67c079932f3674a88b403e868e71b8d3b1e20f13445cb7f1365274dc3556950ddebd585692665545f9123d1","ssdeep":"384:/uWxhyvUvO+nNxGjVNN0kfGgy9/DEAtsOa5OLJCr1WOLuPlROH0a9LVoLyFSHr0g:/4vKEXSkOWU+iVF3","tlshash":"c543a13ca321c44da9736a3bfce42f655109af97edc9b7c9041880973ef067a71146ea","first_seen":"2023-06-28T01:47:23Z","last_seen":"2024-09-20T20:04:19.528444Z","times_seen":18,"resource_available":false,"data":null}},"time_used":947,"timings":{"blocked":67,"dns":16,"connect":1,"send":0,"wait":813,"receive":2,"ssl":44},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-08-19","alert":"Office365","trigger":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html","verdict":"phishing","severity":"medium","comment":"Office365","link":"https://openphish.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2023-06-27","alert":"Other","trigger":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html","date":"2023-08-20T10:33:29.782Z","timestamp":1692527609782,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 03 Jul 2023 00:00:00 GMT","end":"Tue, 02 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D","sha256":"D9:9E:DA:D7:6F:5A:E0:87:16:F3:3E:A0:A8:34:8B:84:B7:B0:98:30:2D:18:D8:53:E6:3C:09:06:19:48:07:54"}}},"request":{"raw":"GET /ajax/libs/jquery/3.5.0/jquery.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 20 Aug 2023 10:33:36 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 27964\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ec4-15d95\"\r\nlast-modified: Mon, 04 May 2020 16:11:48 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 3907538\r\nexpires: Fri, 09 Aug 2024 10:33:36 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=TuR8BKyTFbC1kGkgCDYcsatvblb0cu4Ny5%2B34YdsGqkuFH4e2ciSHZ9upbu7zOTQYxA4GEF6Px5pP4Oi2SsaqQfk0rNl1HXA9AtupUKfTI5GdnXh7sGSgqZrEasSWR9iO6gSoXl0\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 7f99faa3ac371bfe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27964,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65451)","md5":"12108007906290015100837a6a61e9f4","sha1":"1d6ae46f2ffa213dede37a521b011ec1cd8d1ad3","sha256":"c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4","sha512":"93658f3eb4a044523a7136871e125d73c9005da44ce09045103a35a4f18695888ecafe2f9c0d0fa741b95cc618c6000f9ad9affc821a400ea7e5f2c0c8968530","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakF:YYh8eip3hXuf6IidlrvakdtQ47GK1","tlshash":"c393f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-03T18:02:18.579551Z","times_seen":18361,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":26,"dns":1,"connect":1,"send":0,"wait":13,"receive":2,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-jm-tools.web.app/d..p/others/mi..cro---t/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg","fqdn":"cdn-jm-tools.web.app","domain":"cdn-jm-tools.web.app","tld":"web.app"},"ip":{"addr":"199.36.158.100","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html","date":"2023-08-20T10:33:29.778Z","timestamp":1692527609778,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"web.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 10 Jul 2023 14:06:36 GMT","end":"Sun, 08 Oct 2023 14:06:35 GMT"},"fingerprint":{"sha1":"61:46:7F:9A:CD:4C:E9:01:C4:D3:4D:78:3B:82:B4:F2:AC:6F:DA:88","sha256":"EE:87:CE:CF:96:48:31:96:09:35:8C:C8:5B:18:25:6F:CF:A8:A4:3F:C9:15:6D:34:0A:1E:AC:7F:B4:6D:BF:82"}}},"request":{"raw":"GET /d..p/others/mi..cro---t/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1\r\nHost: cdn-jm-tools.web.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=3600\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\netag: \"2084deafc36fbaca40a6352319b3c1edb1262245428033547de6b82e0c2dcfe8-br\"\r\nlast-modified: Sat, 25 Apr 2020 21:22:54 GMT\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\naccept-ranges: bytes\r\ndate: Sun, 20 Aug 2023 10:33:36 GMT\r\nx-served-by: cache-bma1631-BMA\r\nx-cache: HIT\r\nx-cache-hits: 2\r\nx-timer: S1692527617.581460,VS0,VE0\r\nvary: x-fh-requested-host, accept-encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 1274\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1274,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- HTML document, ASCII text, with very long lines (3651), with no line terminators","md5":"ee5c8d9fb6248c938fd0dc19370e90bd","sha1":"d01a22720918b781338b5bbf9202b241a5f99ee4","sha256":"04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a","sha512":"c77215b729d0e60c97f075998e88775cd0f813b4d094dc2fdd13e5711d16f4e5993d4521d0fbd5bf7150b0dbe253d88b1b1ff60901f053113c5d7c1919852d58","ssdeep":"","tlshash":"6371117b132887dae9d4a78c2e997b8d377095c4b1b24290874328a5bc086f7f038d60","first_seen":"2023-04-06T08:44:24Z","last_seen":"2026-04-03T19:21:19.948965Z","times_seen":122113,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-jm-tools.web.app/d..p/others/mi..cro---t/Converged_v21033_U7M7Fc-d_yiO2hIJng7nRg2.css","fqdn":"cdn-jm-tools.web.app","domain":"cdn-jm-tools.web.app","tld":"web.app"},"ip":{"addr":"199.36.158.100","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html","date":"2023-08-20T10:33:29.772Z","timestamp":1692527609772,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"web.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 10 Jul 2023 14:06:36 GMT","end":"Sun, 08 Oct 2023 14:06:35 GMT"},"fingerprint":{"sha1":"61:46:7F:9A:CD:4C:E9:01:C4:D3:4D:78:3B:82:B4:F2:AC:6F:DA:88","sha256":"EE:87:CE:CF:96:48:31:96:09:35:8C:C8:5B:18:25:6F:CF:A8:A4:3F:C9:15:6D:34:0A:1E:AC:7F:B4:6D:BF:82"}}},"request":{"raw":"GET /d..p/others/mi..cro---t/Converged_v21033_U7M7Fc-d_yiO2hIJng7nRg2.css HTTP/1.1\r\nHost: cdn-jm-tools.web.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=3600\r\ncontent-encoding: gzip\r\ncontent-type: text/css; charset=utf-8\r\netag: \"180ed6b42ce49176e493ebf3f2145e670be96178b9e2f60001e81532e32268cb\"\r\nlast-modified: Sat, 25 Apr 2020 21:22:54 GMT\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\naccept-ranges: bytes\r\ndate: Sun, 20 Aug 2023 10:33:36 GMT\r\nx-served-by: cache-bma1631-BMA\r\nx-cache: HIT\r\nx-cache-hits: 2\r\nx-timer: S1692527617.581686,VS0,VE0\r\nvary: x-fh-requested-host, accept-encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 18705\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18705,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (61112)","md5":"53b33b15cf9dff288eda12099e0ee746","sha1":"1748b7bd3b89b84d800374083af646fec11ff082","sha256":"30c90ea15ddeec7d675ed3eaaf26e8283b908265c5a6a5ff00345d03c24233f0","sha512":"8ba4bcbe63b72e6dff001b441d0fe100ecb3a6a6d664816eac7d89e8bb088c6653c9f7bc646f20884842c19c7516ed751332e4585ff49202d4b3f73e6438f24d","ssdeep":"1536:IpHDgWeWJw+k4zazA/PWrF7qvEAFiQcpmeh1+zy35o:ORUyy3+","tlshash":"46a3c8946d243d269037c73561c1bd87a2121503f637aebbf6226db9cf896cb0b31e49","first_seen":"2023-04-05T03:19:57Z","last_seen":"2026-03-22T12:51:43.370868Z","times_seen":9902,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":34,"dns":1,"connect":8,"send":0,"wait":18,"receive":3,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-jm-tools.web.app/d..p/others/mi..cro---t/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg","fqdn":"cdn-jm-tools.web.app","domain":"cdn-jm-tools.web.app","tld":"web.app"},"ip":{"addr":"199.36.158.100","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html","date":"2023-08-20T10:33:29.781Z","timestamp":1692527609781,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"web.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 10 Jul 2023 14:06:36 GMT","end":"Sun, 08 Oct 2023 14:06:35 GMT"},"fingerprint":{"sha1":"61:46:7F:9A:CD:4C:E9:01:C4:D3:4D:78:3B:82:B4:F2:AC:6F:DA:88","sha256":"EE:87:CE:CF:96:48:31:96:09:35:8C:C8:5B:18:25:6F:CF:A8:A4:3F:C9:15:6D:34:0A:1E:AC:7F:B4:6D:BF:82"}}},"request":{"raw":"GET /d..p/others/mi..cro---t/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg HTTP/1.1\r\nHost: cdn-jm-tools.web.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=3600\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\netag: \"cf034e803491c0dbb1074332cd18fac418b94b0a139a7ddbf92ec40574951a8a-br\"\r\nlast-modified: Sat, 25 Apr 2020 21:22:54 GMT\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\naccept-ranges: bytes\r\ndate: Sun, 20 Aug 2023 10:33:36 GMT\r\nx-served-by: cache-bma1631-BMA\r\nx-cache: HIT\r\nx-cache-hits: 2\r\nx-timer: S1692527617.582672,VS0,VE0\r\nvary: x-fh-requested-host, accept-encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 230\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":230,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- HTML document, ASCII text, with very long lines (915), with no line terminators","md5":"2b5d393db04a5e6e1f739cb266e65b4c","sha1":"6a435df5cac3d58ccad655fe022ccf3dd4b9b721","sha256":"16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6","sha512":"3a692635ee8ebd7b15930e78d9e7e808e48c7ed3ed79003b8ca6f9290fa0e2b0fa3573409001489c00fb41d5710e75d17c3c4d65d26f9665849fb7406562a406","ssdeep":"","tlshash":"4211c9bb2f78c66ea09197943762a7791f76a14873883590f3432f11ee44dbb203dc40","first_seen":"2023-04-14T08:32:49Z","last_seen":"2026-04-03T10:33:20.666642Z","times_seen":15490,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-jm-tools.web.app/d..p/others/mi..cro---t/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png","fqdn":"cdn-jm-tools.web.app","domain":"cdn-jm-tools.web.app","tld":"web.app"},"ip":{"addr":"199.36.158.100","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html","date":"2023-08-20T10:33:29.780Z","timestamp":1692527609780,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"web.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 10 Jul 2023 14:06:36 GMT","end":"Sun, 08 Oct 2023 14:06:35 GMT"},"fingerprint":{"sha1":"61:46:7F:9A:CD:4C:E9:01:C4:D3:4D:78:3B:82:B4:F2:AC:6F:DA:88","sha256":"EE:87:CE:CF:96:48:31:96:09:35:8C:C8:5B:18:25:6F:CF:A8:A4:3F:C9:15:6D:34:0A:1E:AC:7F:B4:6D:BF:82"}}},"request":{"raw":"GET /d..p/others/mi..cro---t/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png HTTP/1.1\r\nHost: cdn-jm-tools.web.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=3600\r\ncontent-type: image/png\r\netag: \"a512441fed43fc63c5a2bbce213d4081532632f57c75eb60cb7dd0e4a1126b38\"\r\nlast-modified: Sat, 25 Apr 2020 21:22:54 GMT\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\naccept-ranges: bytes\r\ndate: Sun, 20 Aug 2023 10:33:36 GMT\r\nx-served-by: cache-bma1631-BMA\r\nx-cache: HIT\r\nx-cache-hits: 2\r\nx-timer: S1692527617.583298,VS0,VE0\r\nvary: x-fh-requested-host, accept-encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 240\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":240,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\\012- data","md5":"7cc096da6aa2dba3f81fcc1c8262157c","sha1":"a50776316f0220ed7cd7882a68c742a8861c999d","sha256":"ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83","sha512":"ec046758ec2d6588b9b103e5bb1b035dee57dfbb068ad902c869ed22b14f78282461709bdb20366ee887b814f00ae39a4ebd82db42bd831be85fe5b4bf4037af","ssdeep":"","tlshash":"a0d0979373129c2dcfb4e733920e0c22cc1382a3872ab74c58529050bf18c002a9085d","first_seen":"2023-04-27T20:18:37Z","last_seen":"2026-03-31T01:57:03.287082Z","times_seen":12233,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/s/gts1d4int/o8gJaTmHNoQ","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.3","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-08-20T10:33:30.041648443Z","timestamp":1692527610041,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /s/gts1d4int/o8gJaTmHNoQ HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Sun, 20 Aug 2023 10:33:36 GMT\r\nCache-Control: public, max-age=14400\r\nServer: scaffolding on HTTPServer2\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"7d1a74f3a563aa0f594b2f43dba87b29","sha1":"c4fc7676ea35f9d1cb697d84f1c5045decf9a16d","sha256":"3de4eb107e63b5bb8cba73db76bb5e55e9b3fedfe678e8d69e25a1e25f614c87","sha512":"fee2eddfa995374901998777daa1e040e144dccc23b077d0b18f74345d352ea097602027343d346fd348d005073036ae802072579b29722fe00418fb3d18bb4d","ssdeep":"","tlshash":"37f0dc40bcf4ab990f470e8d7ca6191b70c381dc0866a06ff06851f0c74b2b9c6382bb","first_seen":"2023-08-19T22:40:06Z","last_seen":"2023-08-20T21:11:20Z","times_seen":77,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8068,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html","date":"2023-08-20T10:33:30.044Z","timestamp":1692527610044,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Sat, 29 Jul 2023 00:00:00 GMT","end":"Mon, 29 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:5F:75:46:1C:BE:AF:E4:F2:BF:F3:04:1D:0B:56:0F:EE:DA:A0:96","sha256":"DF:9A:22:DD:76:BE:E9:63:BD:AA:27:3D:DE:4A:DE:4C:8E:3B:D3:FE:6B:90:BA:39:D0:7E:7B:4B:3A:04:A4:84"}}},"request":{"raw":"GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\ncontent-length: 673\r\ncontent-type: image/svg+xml\r\ncontent-encoding: gzip\r\ncontent-md5: DhdidjYrlCeaRJJRG/y9mA==\r\nlast-modified: Wed, 12 Feb 2020 22:01:30 GMT\r\netag: 0x8D7B0071D86E386\r\nx-cache: TCP_HIT\r\nx-ms-request-id: f9dce898-401e-003b-38ca-d03375000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref-originshield: 0RL3dZAAAAAAfEkwUP7qUQ5907CmFBwlMQU1TMDRFREdFMTgyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\nx-azure-ref: 0AOzhZAAAAAAlOkjCbbVuR7nePFOzLNm3U1ZHMjBFREdFMDUxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=\r\ndate: Sun, 20 Aug 2023 10:33:36 GMT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":673,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (1864), with no line terminators","md5":"bc3d32a696895f78c19df6c717586a5d","sha1":"9191cb156a30a3ed79c44c0a16c95159e8ff689d","sha256":"0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68","sha512":"8d4f38907f3423a86d90575772b292680f7970527d2090fc005f9b096cc81d3f279d59ad76eafca30c3d4bbaf2276bbaa753e2a46a149424cf6f1c319ded5a64","ssdeep":"","tlshash":"4e310059c51d3566ec04c3aceae1d468315e71efa8a581c961849b3f95b0dce0eccb70","first_seen":"2023-04-12T23:20:27Z","last_seen":"2026-04-03T19:21:19.952307Z","times_seen":102153,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":33,"dns":3,"connect":9,"send":0,"wait":12,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/*https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg*/","fqdn":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev","domain":"pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.3.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html","date":"2023-08-20T10:33:30.042Z","timestamp":1692527610042,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 13 Aug 2023 17:25:54 GMT","end":"Sat, 11 Nov 2023 17:25:53 GMT"},"fingerprint":{"sha1":"E8:0C:C2:4D:15:01:60:A8:F1:76:79:D2:4D:CB:27:19:C0:CF:60:B2","sha256":"64:08:E9:9B:E6:D1:BF:9C:92:37:8C:9A:34:EB:AB:7D:53:0D:0F:15:B3:2F:D0:25:E0:B3:FB:27:05:CE:49:A7"}}},"request":{"raw":"GET /*https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg*/ HTTP/1.1\r\nHost: pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Sun, 20 Aug 2023 10:33:36 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 7f99faa50d6ab521-OSL\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":6476,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (611)","md5":"df3d48946e8d3f5a83608308edbb4b86","sha1":"47b9c40c97abf2658df96b1c06109324e15e1a00","sha256":"570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499","sha512":"36ec1cec72dc3245730c813277c645525473cc5232e85cd23503b8593d90264f335e61a16d364a1e6c41922820b40ba7c0f46b19f4b91db6a0cf5e31e778ddea","ssdeep":"384:6FamwIluB0sJQqCeSQup5szCUXAG0VVi82OgoKACZQQofNJXY3gW3:663Mp5If8WOmgW3","tlshash":"6bc292dc7bf968e4a5de43aaef2831a8320ba0fb17425904f51d12142f0655cec6f6ed","first_seen":"2023-04-05T17:41:51Z","last_seen":"2025-09-17T15:21:34.980882Z","times_seen":52648,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-jm-tools.web.app/d..p/others/mi..cro---t/favicon.ico","fqdn":"cdn-jm-tools.web.app","domain":"cdn-jm-tools.web.app","tld":"web.app"},"ip":{"addr":"199.36.158.100","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/heel.html","date":"2023-08-20T10:33:30.188Z","timestamp":1692527610188,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"web.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 10 Jul 2023 14:06:36 GMT","end":"Sun, 08 Oct 2023 14:06:35 GMT"},"fingerprint":{"sha1":"61:46:7F:9A:CD:4C:E9:01:C4:D3:4D:78:3B:82:B4:F2:AC:6F:DA:88","sha256":"EE:87:CE:CF:96:48:31:96:09:35:8C:C8:5B:18:25:6F:CF:A8:A4:3F:C9:15:6D:34:0A:1E:AC:7F:B4:6D:BF:82"}}},"request":{"raw":"GET /d..p/others/mi..cro---t/favicon.ico HTTP/1.1\r\nHost: cdn-jm-tools.web.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pub-45aae2fafe9044019f5ade95eae90cd6.r2.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 421\r\ncache-control: max-age=3600\r\ncontent-encoding: br\r\ncontent-type: image/x-icon\r\netag: \"928026765089cd2a4183510ed4f8be0259cd85b776338ee2c337cacc18bdf016-br\"\r\nlast-modified: Sat, 25 Apr 2020 21:22:54 GMT\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\naccept-ranges: bytes\r\ndate: Sun, 20 Aug 2023 10:33:36 GMT\r\nx-served-by: cache-bma1640-BMA\r\nx-cache: HIT\r\nx-cache-hits: 3\r\nx-timer: S1692527617.963549,VS0,VE0\r\nvary: x-fh-requested-host, accept-encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":421,"size_decoded":0,"mime_type":"","magic":"MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\\012- data","md5":"12e3dac858061d088023b2bd48e2fa96","sha1":"e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5","sha256":"90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21","sha512":"c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01","ssdeep":"24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO","tlshash":"b772e35b1f5f4981ec4b0db80b125e80c5e49c973854dffbdb76b62888b0364ab845eb","first_seen":"2023-04-05T03:19:57Z","last_seen":"2026-04-03T18:30:52.528575Z","times_seen":163398,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}