amspd.azurewebsites.net/Ap/Signin.php
301 Moved Permanently 0 B URL HTTP/1.1 amspd.azurewebsites.net/Ap/Signin.php
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Apple Inc.
GET /Ap/Signin.php HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Date: Thu, 30 Mar 2023 19:45:44 GMT
Location: https://amspd.azurewebsites.net/Ap/Signin.php
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19481
Expires: Fri, 31 Mar 2023 01:10:26 GMT
Date: Thu, 30 Mar 2023 19:45:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3154
Expires: Thu, 30 Mar 2023 20:38:19 GMT
Date: Thu, 30 Mar 2023 19:45:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 30 Mar 2023 19:16:07 GMT
content-type: application/json
age: 1778
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 374c9e295a804e605c402f48ae7e2446
967394b36ecdff2dd32842f878887f061024c6b3
7652dfcb9e2d620ce1d033be8ecc53166d2881154c15decd60899415e5ac2706
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7652DFCB9E2D620CE1D033BE8ECC53166D2881154C15DECD60899415E5AC2706"
Last-Modified: Thu, 30 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2996
Expires: Thu, 30 Mar 2023 20:35:41 GMT
Date: Thu, 30 Mar 2023 19:45:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JjKmADC1ztIkf43IlPc3/aRoqIxtDXQ6B+8xHXR1386QAUjeaQZ65ELK7Jv7h/gl3+Olpn/Ub5g=
x-amz-request-id: V122WN6DVFZJA8JX
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 30 Mar 2023 19:33:47 GMT
age: 718
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 30 Mar 2023 19:45:45 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Backoff, Last-Modified, Alert, Content-Length, Pragma, Cache-Control, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 30 Mar 2023 19:14:37 GMT
age: 1869
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 782ca4845ea5e0ec981e33231b1e61cb
032116b75e124c57877524e9e4f523b6d7c65820
94d007862fc7a4cd67f582ff22f2339619177435559c1dd5075a08c7240f3520
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94D007862FC7A4CD67F582FF22F2339619177435559C1DD5075A08C7240F3520"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16418
Expires: Fri, 31 Mar 2023 00:19:24 GMT
Date: Thu, 30 Mar 2023 19:45:46 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KFmQt+wGxNEIeZ8N7yD+CQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mKDw7NBFzSYYHeYIHxji/rV8/Eo=
amspd.azurewebsites.net/Ap/Signin.php
200 OK 4.0 kB URL HTTP/1.1 amspd.azurewebsites.net/Ap/Signin.php
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (464), with CRLF line terminators
Hash 37ac84f9d223b9daf9b2f51cc7bc3344
a3831b3141b167285d4a9421b336fc9646949401
47b23baad13529574647ea8e9fca48c0d78ad6f094b1f7d3a82397a28507c4e1
Analyzer Verdict Alert openphish Apple Inc.
GET /Ap/Signin.php HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Thu, 30 Mar 2023 19:45:46 GMT
Server: nginx/1.22.1
Cache-Control: no-store, no-cache, must-revalidate
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28; path=/
Transfer-Encoding: chunked
X-Powered-By: PHP/8.2.1
amspd.azurewebsites.net/Ap/style/js/jquery.mask.js
200 OK 18 kB URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/js/jquery.mask.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 219d169a80568884a3d6baab3e5e7def
61d00104de8c972c820cd9b527d8e2edb30e5c4a
cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/js/jquery.mask.js HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/Signin.php
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 18430
Content-Type: application/javascript
Date: Thu, 30 Mar 2023 19:45:47 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226aae-47fe"
Last-Modified: Tue, 28 Mar 2023 04:18:54 GMT
amspd.azurewebsites.net/Ap/style/signin.css
200 OK 292 kB URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/signin.css
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (64719)
Size 292 kB (291636 bytes)
Hash b8371520439323b8c6cee225eb8bd03e
510845812ea1f721abfe9fa6950565c001677e40
1a7fdaddbd813f0f3080d54fea097abcf89ce95dbfd05794ef919548a603e92f
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/signin.css HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/Signin.php
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 291636
Content-Type: text/css
Date: Thu, 30 Mar 2023 19:45:47 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226a8b-47334"
Last-Modified: Tue, 28 Mar 2023 04:18:19 GMT
amspd.azurewebsites.net/Ap/style/js/jquery.validate.min.js
200 OK 23 kB URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/js/jquery.validate.min.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (22900), with CRLF line terminators
Hash 1e1c2204ab5160549d843ea9c1180d8f
be45d449d7431890f5666baf4fc159e6e8c8bbaa
0279b4163ca0d6df05c1f50b63f192da41f82a0c48b6872e8671dec485df6dd7
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/js/jquery.validate.min.js HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/Signin.php
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 23041
Content-Type: application/javascript
Date: Thu, 30 Mar 2023 19:45:47 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226aaf-5a01"
Last-Modified: Tue, 28 Mar 2023 04:18:55 GMT
amspd.azurewebsites.net/Ap/style/js/jquery.min.js
200 OK 97 kB URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/js/jquery.min.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (32077)
Hash 4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/js/jquery.min.js HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/Signin.php
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 97163
Content-Type: application/javascript
Date: Thu, 30 Mar 2023 19:45:47 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226aaf-17b8b"
Last-Modified: Tue, 28 Mar 2023 04:18:55 GMT
amspd.azurewebsites.net/Ap/style/external.css
200 OK 189 kB URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/external.css
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (64884)
Size 189 kB (188952 bytes)
Hash 17b1fe1d5d6a7aaee2858c5ff2afc86c
67b84e95775fb5d408115de67fe1d76b72e7ab2f
4ad594c17e36f3e9cdd62c3a7465fa502bf056e37c9704a77a8df562cb8a6073
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/external.css HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/Signin.php
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 188952
Content-Type: text/css
Date: Thu, 30 Mar 2023 19:45:47 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226a83-2e218"
Last-Modified: Tue, 28 Mar 2023 04:18:11 GMT
amspd.azurewebsites.net/Ap/style/js/angular.min.js
200 OK 167 kB URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/js/angular.min.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (566)
Size 167 kB (167131 bytes)
Hash be6af23e2a716c006da75d0291784254
9c923313eabc56d715a7c07bf855feb26a72f671
8c50aa8567731858e81bcfd2027718d9a7c8fd7bf54cf496499adbf5da5741b9
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/js/angular.min.js HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/Signin.php
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 167131
Content-Type: application/javascript
Date: Thu, 30 Mar 2023 19:45:47 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226aac-28cdb"
Last-Modified: Tue, 28 Mar 2023 04:18:52 GMT
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3788
Expires: Thu, 30 Mar 2023 20:48:55 GMT
Date: Thu, 30 Mar 2023 19:45:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3788
Expires: Thu, 30 Mar 2023 20:48:55 GMT
Date: Thu, 30 Mar 2023 19:45:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3788
Expires: Thu, 30 Mar 2023 20:48:55 GMT
Date: Thu, 30 Mar 2023 19:45:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3788
Expires: Thu, 30 Mar 2023 20:48:55 GMT
Date: Thu, 30 Mar 2023 19:45:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f7d2537-a0a5-4a19-9229-144648b886b8.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f7d2537-a0a5-4a19-9229-144648b886b8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db24198518d1a093c5c03e92e53925a2
288898a60e0a029946e7d770d2b0c64b6f3bf51d
4a15da439fa1a3ccdd3d329f250bacaab581287183293c4e367b05c2a83eb66d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f7d2537-a0a5-4a19-9229-144648b886b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12233
x-amzn-requestid: 781fd422-c720-49d7-bc90-6f8b18751caf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkAynHgNoAMFvCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae76-5327bf334c985816289507b9;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: xT4yOqmmDOGyZ-ef--AYRxpuzlFou0jf8p4BWB4qUCDXR1VStct5DA==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:44:50 GMT
etag: "288898a60e0a029946e7d770d2b0c64b6f3bf51d"
content-type: image/jpeg
age: 79257
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2021c271f9290204bd14cd2a3a1680fc
39b68cbcaba381d63dc67bc289fb67c849adb9ff
a84c5dd1e52d7cd535e04cb455891a1442000eb0e4381031c976b4cf3be96f2f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4549
x-amzn-requestid: 70e07309-5fc5-4307-b455-29a187eae0d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoBHFFoAMFx5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afcc-298f18fd0cf0b37465a74c13;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: kbG1Llnn0Elhz5ItoJyufkUgoB5FhmvLpk2oQox2HPnSHeBfCOuXXw==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:44:50 GMT
age: 79257
etag: "39b68cbcaba381d63dc67bc289fb67c849adb9ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 7571f483-0d57-4f3f-9d86-2f18175cc0b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRP5DG2BoAMFrdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d2d06-400180d700df598366b8b16f;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 04:54:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 8LzPrLvhUnXntYPNCg_QN2LFUvQ-4FL4SMyYBxPOwlGd1sgL3j-Znw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 00:11:11 GMT
age: 70476
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 253f48aa7cbf667d52cb37fda10cdb1f
e29478b866f90402b48d2b516d01d60a863c9cf9
b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: -XwoHom5AT8j5yHNvfnYQ-9xIqVpsyDffwFM0d_ESJicJvL8pTcABg==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:44:41 GMT
age: 79266
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 424b55535e5fd622b2fc96aac1246324
cf7cf08aa8969a86bf03695af2129686fd62fe86
c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoXGh5oAMFfzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 6lKfWQ4mVZdKDpPhp9KzllP2eyH03CsFufQxXVTUZ1s1t1gQs1OUFA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:44:50 GMT
age: 79257
etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c71571a378e261334e5acb723634ab
f1234c280364b6fe1dcf9c6c64edadc235108c4b
97544d600ab1ae204b169c3b7ba2a74df689b6c711a003d72f0934165d8a3e25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5395
x-amzn-requestid: ff3218dc-8754-4568-8e42-0885cb7e5d06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA0BFYNoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae7f-127129cf3776a60c333d205c;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ayBzSVUrRznKMPzI1JYvj1ikLo-arbVQUxdEZDM7KYHWyL2cwT10tA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:45:03 GMT
etag: "f1234c280364b6fe1dcf9c6c64edadc235108c4b"
content-type: image/jpeg
age: 79244
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 01d49106047319b070b7e064dc041a69
c6fbd3d1bec3e52d8dce314b062396f9f6ccd3b5
489d062d2f9cb79c1e07aef79e29f11ea60d063868247bf73f4214ae00a1becd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 30 Mar 2023 19:45:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
amspd.azurewebsites.net/Ap/style/apple/image_large.svg
200 OK 554 B URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/apple/image_large.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (554), with no line terminators
Hash 5465cc591da2ac562ae16bb33f3575b8
a4d805677d0ca6aa4041c0fa06ad2f9cb37551c7
1e281e5d429981905e0c937ed7b9ca93559569504d49640c494aae8da7c58ef5
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/apple/image_large.svg HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/style/external.css
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 554
Content-Type: image/svg+xml
Date: Thu, 30 Mar 2023 19:45:47 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226a98-22a"
Last-Modified: Tue, 28 Mar 2023 04:18:32 GMT
amspd.azurewebsites.net/Ap/style/mac/image_large.svg
200 OK 802 B URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/mac/image_large.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (802), with no line terminators
Hash a3434749345009da205ac0e848654e85
615dec701544bd85f757b20719b5ad881fba64fc
81849741dc42d40b8338a222866c5009893103efb5bdc4101d0ae5ca4d6e1375
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/mac/image_large.svg HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/style/external.css
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 802
Content-Type: image/svg+xml
Date: Thu, 30 Mar 2023 19:45:47 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226ab3-322"
Last-Modified: Tue, 28 Mar 2023 04:18:59 GMT
amspd.azurewebsites.net/Ap/style/ipad/image_large.svg
200 OK 1.0 kB URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/ipad/image_large.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1002), with no line terminators
Hash f8e228778420068429aa8af265c8d551
4a7a0a689857665f4a29fd31481f315fab987842
e3e8f864a3893b44258aedeb6260d85723541a9cdb5dc4daf141ccb769214648
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/ipad/image_large.svg HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/style/external.css
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1002
Content-Type: image/svg+xml
Date: Thu, 30 Mar 2023 19:45:47 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226aa1-3ea"
Last-Modified: Tue, 28 Mar 2023 04:18:41 GMT
amspd.azurewebsites.net/Ap/style/tv/image_large.svg
200 OK 264 B URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/tv/image_large.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash ee95a18fd56763a31aca1d504802e089
aca3406918ffe464b3adc4f857b81fd66d40690d
8b25224a4527ed4efee23b222227fe0f00f1ef2ecfc3a64d0d55f9ba8a77d06b
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/tv/image_large.svg HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/style/external.css
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 264
Content-Type: image/svg+xml
Date: Thu, 30 Mar 2023 19:45:47 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226ac7-108"
Last-Modified: Tue, 28 Mar 2023 04:19:19 GMT
amspd.azurewebsites.net/Ap/style/iphone/image_large.svg
200 OK 1.2 kB URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/iphone/image_large.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1160), with no line terminators
Hash e0a682d11e5da6756c00a9fb7f94ce93
47f240703ce0fcada7a4fc00c6ba87371a395308
a6184c9c55c75d613c2e81f5238d7e436714fab15e116eb29059d22817a90ef2
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/iphone/image_large.svg HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/style/external.css
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1160
Content-Type: image/svg+xml
Date: Thu, 30 Mar 2023 19:45:47 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226aa6-488"
Last-Modified: Tue, 28 Mar 2023 04:18:46 GMT
amspd.azurewebsites.net/Ap/style/watch/image_large.svg
200 OK 1.7 kB URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/watch/image_large.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash 6bb5a35f8ff457e2f8b345bd6597e2e4
6f69f11b5c66326f2e4b63c8276195653c79a137
d577c9d1bad004bdabb9d0995cec0714e98b76e6053f2765ed09c23de6f328b0
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/watch/image_large.svg HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/style/external.css
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1694
Content-Type: image/svg+xml
Date: Thu, 30 Mar 2023 19:45:47 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226acc-69e"
Last-Modified: Tue, 28 Mar 2023 04:19:24 GMT
amspd.azurewebsites.net/Ap/style/aosicons_regular.woff
200 OK 4.9 kB URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/aosicons_regular.woff
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format, TrueType, length 4900, version 1.0\012- data
Hash 9a09cc6e2921bb353d9ffc66140879e0
be3514d324aff1af49a7db491b9a1c874ae76b6d
7e5de7a4d66f85eb27d41d46ccedd8a118c6a4dbb2d06ff30b61a8a7a969be18
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/aosicons_regular.woff HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/style/signin.css
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 4900
Content-Type: font/woff
Date: Thu, 30 Mar 2023 19:45:48 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226a7f-1324"
Last-Modified: Tue, 28 Mar 2023 04:18:07 GMT
amspd.azurewebsites.net/Ap/style/music/image_large.svg
200 OK 1.1 kB URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/music/image_large.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1082), with no line terminators
Hash 9c937381351fbdef4480586b6af7715e
444f95d791fa40bb4888663f3b2aa18089d53a97
16e30f5480bc1dd538ad90ab859cda8a78badb4c3e9ddc3dfb5a5b6a358091e4
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/music/image_large.svg HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/style/external.css
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1082
Content-Type: image/svg+xml
Date: Thu, 30 Mar 2023 19:45:48 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226ab7-43a"
Last-Modified: Tue, 28 Mar 2023 04:19:03 GMT
amspd.azurewebsites.net/Ap/style/support/image_large.svg
200 OK 1.7 kB URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/support/image_large.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1661), with no line terminators
Hash 52a5a165c8306386b352ac17162dfa27
d6e74d86852625275e44fcd469626eef00a5b847
db645e8610c56a69be65cf9cf0ceebbb20bc505f1b91661b1617f8f7f26dbfc9
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/support/image_large.svg HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/style/external.css
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1661
Content-Type: image/svg+xml
Date: Thu, 30 Mar 2023 19:45:48 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226ac1-67d"
Last-Modified: Tue, 28 Mar 2023 04:19:13 GMT
amspd.azurewebsites.net/Ap/style/search/image_large.svg
200 OK 390 B URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/search/image_large.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390), with no line terminators
Hash 8dd1210f9d7be403307a214472c87f03
66e42744e85502e03a8c0d6f558873784977a6e7
ae4671019bd9e7e84501f1bc66df9926cec58d124870e7e531d6ff2d529b54a5
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/search/image_large.svg HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/style/external.css
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 390
Content-Type: image/svg+xml
Date: Thu, 30 Mar 2023 19:45:48 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226abc-186"
Last-Modified: Tue, 28 Mar 2023 04:19:08 GMT
amspd.azurewebsites.net/Ap/style/bag/image_large.svg
200 OK 416 B URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/bag/image_large.svg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (416), with no line terminators
Hash aea2d7189d99437b77d399f64935c8f3
880451f3623c34a625f6bfa9a6972ca40d9ad885
6b91fc5bb8e75d8934f8863cae23c1d81315b00d0936057b9bbe06c7fbee7c42
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/bag/image_large.svg HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/style/external.css
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 416
Content-Type: image/svg+xml
Date: Thu, 30 Mar 2023 19:45:48 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226a9c-1a0"
Last-Modified: Tue, 28 Mar 2023 04:18:36 GMT
amspd.azurewebsites.net/Ap/style/favicon.ico
200 OK 9.1 kB URL HTTP/1.1 amspd.azurewebsites.net/Ap/style/favicon.ico
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 4 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 28ec4eaba5ae210b98a11257caf5bade
6164148a39d6a27286641896fce3b76f439aeab1
3f5086612aae9363c9fb02949219cef19854c18fe5ad4eda78aa1aefcc79cc71
Analyzer Verdict Alert urlquery phishing Phishing - Apple
openphish Outlook
GET /Ap/style/favicon.ico HTTP/1.1
Host: amspd.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/Ap/Signin.php
Cookie: PHPSESSID=21c45e2191c69452fa99e5d5c1572b28
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 9062
Content-Type: image/x-icon
Date: Thu, 30 Mar 2023 19:45:48 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "64226a84-2366"
Last-Modified: Tue, 28 Mar 2023 04:18:12 GMT
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 01d49106047319b070b7e064dc041a69
c6fbd3d1bec3e52d8dce314b062396f9f6ccd3b5
489d062d2f9cb79c1e07aef79e29f11ea60d063868247bf73f4214ae00a1becd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 30 Mar 2023 19:45:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tafihcss.blogspot.com/
200 OK 0 B IP
GET / HTTP/1.1
Host: tafihcss.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amspd.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 30 Mar 2023 19:45:48 GMT
date: Thu, 30 Mar 2023 19:45:48 GMT
cache-control: private, max-age=0
last-modified: Wed, 15 Sep 2021 21:17:55 GMT
etag: W/"ac0ca6aca7c022a1faa19a160d8ae93aa092aed47c9797a72cb8c9dafec2143f"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 15170
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
34.120.237.76
23.36.77.32